WAF Rules Arent working

Hello can someone please help me i've made cloudflare WAF Rules but they arent working/triggering anyone has it

Here are my rules below

(ssl and http.request.uri.path eq "/auth/login" and http.request.uri.path eq "/" and http.request.uri.path contains "/register" and http.request.full_uri eq "https://panel.lylanodes.com/auth/login" and http.request.full_uri eq "https://dash.lylanodes.com/servers" and http.request.full_uri contains "https://panel.lylanodes.com/" and http.request.full_uri contains "https://dash.lylanodes.com/" and cf.client.bot and http.request.method eq "GET" and http.request.version in {"HTTP/1.0" "HTTP/1.1" "HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"} and cf.waf.score.class eq "attack" and cf.waf.score.class eq "likely_attack" and cf.waf.score.class eq "likely_clean" and cf.waf.score.class eq "clean" and cf.threat_score gt 2 and http.cookie contains "TOKEN=11111111111111111111111") or (http.cookie contains "TOKEN=" and ip.geoip.continent in {"AF" "AN" "AS" "EU" "NA" "OC" "SA" "T1"} and ip.geoip.asnum eq 33575 and ip.geoip.asnum eq 13335 and http.request.uri.path contains "/:80" and http.request.uri.path contains "/:443" and http.request.uri.path contains "/:53" and http.request.uri.path contains "/:8443")

(ssl and http.request.uri.path eq "/auth/login" and http.request.uri.path eq "/" and http.request.uri.path contains "/register" and http.request.full_uri eq "https://panel.lylanodes.com/auth/login" and http.request.full_uri eq "https://dash.lylanodes.com/servers" and http.request.full_uri contains "https://panel.lylanodes.com/" and http.request.full_uri contains "https://dash.lylanodes.com/" and cf.client.bot and http.request.method eq "GET" and http.request.version in {"HTTP/1.0" "HTTP/1.1" "HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"} and cf.waf.score.class eq "attack" and cf.waf.score.class eq "likely_attack" and cf.waf.score.class eq "likely_clean" and cf.waf.score.class eq "clean" and cf.threat_score gt 2 and http.cookie contains "TOKEN=11111111111111111111111") or (http.cookie contains "TOKEN=" and ip.geoip.continent in {"AF" "AN" "AS" "EU" "NA" "OC" "SA" "T1"} and ip.geoip.asnum eq 33575 and ip.geoip.asnum eq 13335 and http.request.uri.path contains "/:80" and http.request.uri.path contains "/:443" and http.request.uri.path contains "/:53" and http.request.uri.path contains "/:8443")

(ssl and http.request.uri.path eq "/auth/login" and http.request.uri.path eq "/" and http.request.uri.path contains "/register" and http.request.full_uri eq "https://panel.lylanodes.com/auth/login" and http.request.full_uri eq "https://dash.lylanodes.com/servers" and http.request.full_uri contains "https://panel.lylanodes.com/" and http.request.full_uri contains "https://dash.lylanodes.com/" and cf.client.bot and http.request.method eq "GET" and http.request.version in {"HTTP/1.0" "HTTP/1.1" "HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"} and cf.waf.score.class eq "attack" and cf.waf.score.class eq "likely_attack" and cf.waf.score.class eq "likely_clean" and cf.waf.score.class eq "clean" and cf.threat_score gt 2 and http.cookie contains "TOKEN=11111111111111111111111") or (http.cookie contains "TOKEN=" and ip.geoip.continent in {"AF" "AN" "AS" "EU" "NA" "OC" "SA" "T1"} and ip.geoip.asnum eq 33575 and ip.geoip.asnum eq 13335 and http.request.uri.path contains "/:80" and http.request.uri.path contains "/:443" and http.request.uri.path contains "/:53" and http.request.uri.path contains "/:8443")

(ssl and http.request.uri.path eq "/auth/login" and http.request.uri.path eq "/" and http.request.uri.path contains "/register" and http.request.full_uri eq "https://panel.lylanodes.com/auth/login" and http.request.full_uri eq "https://dash.lylanodes.com/servers" and http.request.full_uri contains "https://panel.lylanodes.com/" and http.request.full_uri contains "https://dash.lylanodes.com/" and cf.client.bot and http.request.method eq "GET" and http.request.version in {"HTTP/1.0" "HTTP/1.1" "HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"} and cf.waf.score.class eq "attack" and cf.waf.score.class eq "likely_attack" and cf.waf.score.class eq "likely_clean" and cf.waf.score.class eq "clean" and cf.threat_score gt 2 and http.cookie contains "TOKEN=11111111111111111111111") or (http.cookie contains "TOKEN=" and ip.geoip.continent in {"AF" "AN" "AS" "EU" "NA" "OC" "SA" "T1"} and ip.geoip.asnum eq 33575 and ip.geoip.asnum eq 13335 and http.request.uri.path contains "/:80" and http.request.uri.path contains "/:443" and http.request.uri.path contains "/:53" and http.request.uri.path contains "/:8443")

WAF Rules Arent working

Similar Threads

Similar Threads

Similar Threads