whitelisting rule does not work

Hello, the file whitelisting rule does not work and blocks people who pay through the payment system!

So that block was due to rule 'riskyiuam_bot_score' being triggered. See ‘Rule ID’ in your second screenshot.

AFAIK, the ‘bots’ rules are applied upstream of any WAF rules. You can see this in the ‘Traffic Sequence’ flow down the right hand side of the page when you’re in the WAF area of the dashboard.

So I suspect you’d have to disable the Managed Rule for bots for this to get through as your allow rule will always be after this check has been made.

But really I guess this might be a bit of an XY problem inasmuch as do you expect payments to be processed from clients where this riskyiuam_bot_score is being triggered. Hmmm…