Hi, I create an exception to skip a XSS, HTML Injection - Script Tag rule, but the block remains. I´ve been looking about this topic in the forums but I dind´t find anything.
Can you help me please?
Thanks.
Felipe Limeira de Azeredo
Can you please share the WAF event that is showing the blocked request? It could be that there are multiple rules that are firing, and you have only added an exception to a single rule (has happened to me).
Sure, follow the event Json.
(Attachment firewall-event-808c24d4aa0f1ffc.json is missing)
What is the rule that you have an exception for? Does it match either the rule or ruleset ID (I forget which one).
That all looks right. The only other thing I can think of is that the ip.src address isn’t matching the one in the request.
It´s a specific IP that I used to improve the filter. I can´t understand why still blocking.
Is it possible a call?
But is the IP address the one that you are coming from? If it isn’t then the rule won’t be skipped.