Hi Team,
I have a requirement to provide captcha for specific page if any user accessing the that page for 10 times in 60 seconds need to send captcha challenge, This thing has to happen repeatedly for every 10X access attempts catpcha need to trigger for user to make sure that is a human.
Here is the rule I have tried.
rate rule:
URL Contains " /example/page1/" Action "count rate" context is session.
Security rule:
CustomRate >= {rate-rule;10} Rule Action " Required Captcha support"
with above rule : the Captcha is coming for only first 10 request attempts, once we clear the captcha challenge it will not ask for captcha for another 10 continus attempts.
If any experts can help me on this rule would be help ful.
We need a rule that every 10x attempts Captcha need to be produced by context of session/IP address.
#CloudWAF(formerlyIncapsula)------------------------------
Madhu Gudla
------------------------------