Overview
You can use this document to troubleshoot when the WAF displays a security screen to your users. In some cases, the security screen may block a request or ask your user to complete an action, such as a Captcha.
When your user is presented with this security screen, a reference ID is displayed. To use this document, you must have that reference ID available so that you can search through your requests and determine why a security screen was displayed to your user.
- To learn more about WAF security screens, see Sanction Screens.
View Requests
- In the StackPath Control Portal, in the left-side navigation, click Sites.
- Locate and select your desired site.
- This action will refresh the portal.
- In the left-side navigation, click Analytics.
- Select the WAF tab.
- Under Requests, click the Select Field drop down menu and select Reference ID. Enter the Reference ID for the request.
- This action will display all requests with matching Reference IDs. You can use this information to find possible patterns in the requests.
- This action will display all requests with matching Reference IDs. You can use this information to find possible patterns in the requests.
- Select the rule name for a specific request to view detailed information about the rule and the triggered request, such as HTTP method, client IP, country of origin, user agent, and more.
- Based on this information, determine why the user was blocked or presented with a security screen. Specifically, determine if the user displays acceptable behavior to access your site, or if the user should remain blocked.
- Use the above information to create a custom rule specifically to allow or block the user.
- To learn more, see our WAF Rules article.
- Use the above information to create a custom rule specifically to allow or block the user.