Where is WAF traffci analyzed/decrypted

Being an EU based company service mostly EU customers most if not all require processing of their data to be performed in the EU/EER. It may be painfully obvious to most but I’m stuggling to find a definitive answer in the documentation: Where is traffic decrypted and processed by the WAF before forwarding to the origin?
I assume (but would like to confirm) that when the client connects from EU/EER that WAF processing is also in that geographical area.
What if the client connects from say Indonesia or South Africa?

Best regards,
Klaas

It is done in the Cloudflare PoP that the user connects to, often the one closest to the user, but that does depend on how the ISP routes traffic to Cloudflare.
https://www.cloudflare.com/en-gb/learning/cdn/glossary/anycast-network/

You can force/prevent the use of specific PoPs using the data localisation suite which is an Enterprise plan add-on…

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.