Web Application firewall rules does not apply

Hello everyone!

I have a small problem with WAF. On my server, I have Crowdsec which automatically puts a list of IPs to block in Cloudflare and makes a rule on WAF. The issue is that I noticed that WAF did not block the IPs in the list. For the test, I tried to ban my IP on Crowdsec, but I still have access to the web interfaces of my server (even though my IP is well on the list and the firewall rule seems to be good).
I checked, my server’s DNS entries do go through Cloudflare’s proxy.
Here is the screenshot of the WAF configuration made by Crowdsec:

Does anyone have a solution or has anyone encountered this issue?
Thanks :wink:

It seems that your list is at the limit of 10,000. Do you know if the IPs are actually being updated in that list?

Yes I know that but Crowdsec purge old IPs from the list when the limit is reach. Normally, my IP is in the list !
PS: I also tried to make a new rule with my IP, but it doesn’t work either

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.