I created a WAF rule to block specific pages from everywhere except US on my website, some of the pages are being blocked and WAF is working but for one webpage, it is not working out.
Does anyone have a similar experience… Please help me resolve this…
What does your WAF rule look like?
(ip.geoip.continent in {“AF” “AN” “AS” “EU” “SA” “T1” “OC”} and http.request.full_uri eq "mysite/page1”) or (http.request.full_uri eq "mysite”/page2) or (http.request.full_uri eq “page”3) or (http.request.full_uri eq “page”4 and http.request.full_uri eq “page”5)
This is the expression preview where the action is BLOCK…
All the pages are getting blocked except the last one i.e. page 5. Any idea ??
This can never be true. The full request URI can’t be both “page4” and “page5” at the same time.
Did you mean to use…
(http.request.full_uri eq “page4") or (http.request.full_uri eq “page5")
Also with that rule, only mysite/page1 will be blocked for those continents. Page 2, etc, will be blocked from everywhere. Is that what you are trying to achieve?
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.