Why is traffic not being challenged

frzikra55 · January 16, 2025, 3:55pm

What is the name of the domain?

What is the issue you’re encountering

This expression in WAF is supposed to challenge all traffic from this ASN with HTTP/1.1. Still not being mitigated. Why is that? (ip.src.asnum eq 8075 and http.request.version eq “HTTP/1.1”)

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

See attached confirmation that IP not being mitigated.

Screenshot of the error

sjr · January 16, 2025, 4:12pm

The request was redirected (301), likely the request was made over http and was redirected to https on Cloudflare.

If the request was then made to https and you are challenging all requests in the WAF, then it would be challenged for that request. I see a challenge for https on your site.

frzikra55 · January 16, 2025, 6:44pm

Ok got it.
For that ASN rule, if traffic is redirected as https, then it wont be challenged.
Should I edit that rule to challenge all traffic from the ASN?

system · January 31, 2025, 6:44pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
WAF misclassifying traffic Security	3	25	January 8, 2025
HTTP DDoS (false positive) Security	3	70	December 20, 2024
Urgent assistance required: My server is receiving attack traffic that should have Security	8	974	July 27, 2024
DDOS ATTACK from all geos - want specifec traffic to skip Security	5	13	November 30, 2024
Why is 94% of my traffic not secure? Getting Started	3	2114	May 4, 2021