WAF Rules don't work on free plan

Do the WAF rules not work on the free plan?

My rules to block countries don’t work - period, and I set some new rules to block URI & URI Path and they don’t work after being deployed as well (see below)

Would like to prove that it works before paying

If you used the same logic as you did for the URI checks, then it’s no surprise.

No WordPress URI will contain wp-admin AND wp-login AND xmlrpc, ALL at the same time.


Id recommend creating a very simple rule and then adding conditions to it after you get the basic rule in place. This allows you to more easily debug if the rule isn’t working as expected.

As @sdayman indicated the AND operator is likely creating impossible to meet conditions in this instance.


This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.