WAF Rules seem ineffective or WAF Logs show duplicate requests

What is the name of the domain?

hypixel.dsns.dev

What is the issue you’re encountering

There seem to be two logs in WAF, one saying that the request was not mitigated and another saying it is.

What steps have you taken to resolve the issue?

I checked to ensure that no other rules could be overriding my WAF rule.
It seems that the worker that is being proxied doesn’t see the request, but the logs show that it was not mitigated.

What is the current SSL/TLS setting?

Full (strict)

Screenshot of the error

This problem was not present before, but has slowly crept up in recent days, and it only happens to a subset of requests. The “served by Cloudflare” has slowly risen when originally it seems all malicious requests were blocked.

My one and only WAF rule should treat both requests in the WAF logs equally.

One thing is Security Analytics while the others are Security Events.

That should be the HTTP requests which were not cached by default, e.g. HTML content, etc.

The first screenshot is security analytics, not security events. Security events don’t show the request that wasn’t blocked. There are duplicate logs under security analytics. My concern is that Cloudflare is letting some requests through even though they should be blocked by the WAF.

The served by Cloudflare seems too high for normal traffic on my website. Since I am proxying a Cloudflare worker, it seems that any non-mitigated traffic that is passed to my Cloudflare worker is considered “served by Cloudflare”.
