I woke up this morning to see a lot of WAF blocked requests on one of my domains. I have the “OWASP Anomaly Score Threshold (Required)” set to High which is 25 - and Higher, but it is still blocking anything below that number. I also tried toggling it off and then back on to see if that would make a difference.
Is there anything I can do, besides creating a firewall rule to bypass WAF managed rules.
May I ask from where are those requests coming from?
For example, in my case, WordPress uses WP Cron and sometimes it’s blocked, or it’s WP REST API, or something else for some other app.
Therefore, I believe if you whiltelist / add your server IP to the Security → Tools → IP Access Rules with the action “allow” for your Website, it should bypass them and work ok, at least as same as it works for WordPress websites in my case.
Mine is blocking the OpenProject API.
Switching OWASP Paranoia Level from PL4 to PL3 seems to have worked.