[Bug] 切换应用防护模式后,BOT防护未开启但请求仍被拦截
Published 9 months ago
# Github Issue
Published 9 months ago
defaultw
Updated 9 months ago
0
What happened?
切换应用防护模式后,BOT防护未开启但请求仍被拦截,waf版本为9.2.1
How we reproduce?
- 关闭应用的 BOT 防护功能;
- 将应用防护模式切换为 “观察模式” 并保存配置;
- 再次将应用防护模式切换回 “防护模式” 并保存配置;
- 请求受防护的应用接口,此时请求被错误拦截,并返回 468状态码。
Expected behavior
当切换回“防护模式”且未开启 BOT 防护时,请求应被正常放行并访问成功。
Error log
应用访问日志:
1127.0.0.1 - - [24/Aug/2025:18:46:24 +0800] "GET /webhook/8f68236f HTTP/1.1" 468 14861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" "180.x.x.x" 2127.0.0.1 - - [24/Aug/2025:18:50:51 +0800] "GET /webhook/814a63e6 HTTP/1.1" 468 14861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" "180.x.x.x" 3127.0.0.1 - - [24/Aug/2025:18:51:07 +0800] "GET /webhook/8f68236f HTTP/1.1" 468 14861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" "180.x.x.x" 4127.0.0.1 - - [24/Aug/2025:18:52:14 +0800] "GET /webhook/8f68236f HTTP/1.1" 468 14861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" "180.x.x.x" 5127.0.0.1 - - [24/Aug/2025:18:53:05 +0800] "GET /webhook/8f68236f HTTP/1.1" 468 14861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" "180.x.x.x"
admin10101010
Updated 8 months ago
0
在未开启BOT防护时同样遇到大量拦截行为,只有切换到“观察模式”时才能正常访问网站,这个错误影响范围过大。