I have a small problem with WAF. On my server, I have Crowdsec which automatically puts a list of IPs to block in Cloudflare and makes a rule on WAF. The issue is that I noticed that WAF did not block the IPs in the list. For the test, I tried to ban my IP on Crowdsec, but I still have access to the web interfaces of my server (even though my IP is well on the list and the firewall rule seems to be good).
I checked, my server’s DNS entries do go through Cloudflare’s proxy.
Here is the screenshot of the WAF configuration made by Crowdsec:
Does anyone have a solution or has anyone encountered this issue?