This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block subnet before hitting WAF

Hi,

Does anybody know how/if I can block an IP/Subnet before traffic, originating from that IP/Subnet, arrives at the WAF/Reverse Proxy server?

I created a block rule for one IP address, saying;
From IP - Service ANY - Destination ANY - Action DROP
And I put it on top of the rule set.

And still, when accessing the website that's behind the WAF/Reverse proxy, they get to see the webpage. And it's not browser cache or someting, I actually see the lines appear in the live log of WAF.

When I block the entire country where that IP originates from, yes, than traffic is blocked. But that's not what I want, I want to be able to block traffic from one IP or one Subnet.

Thanks!
Regards,
Erwin.

This thread was automatically locked due to age.

0 ehofstede over 10 years ago in reply to mod2402

I don't know why this was working for me, in my first test. Now, it's working as expected. Maybe, I've made my test too quickly.

Bob you are right!

Regards
mod

Yes, like I was too fast as well... In my test environment the client kept seeing the webpage although I configured their subnet in the Deny list. But if you wait a couple of seconds before testing you'll see that it does work the way we expect it to work. [:)]

Thanks Mod for testing and thanks Bob for your explanation!
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 10 years ago

Very gracious of you, mod - Thanks!

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel