Block reason
Filter observability data by block reason to understand when a request to your web project was blocked by Netlify and why from your Observability dashboard.
Netlify evaluates each request through security, caching, compute, and routing layers until a response is generated.
Netlify’s web security checks include:
- Firewall Traffic Rules
- Web Application Firewall (WAF)
- Rate Limiting
- Password Protection
For more details about the processing order, check out our request chain documentation.
Block reasons
Section titled “Block reasons”| Block Reason | Description | Learn More |
|---|---|---|
| Rate limited | Request was blocked by Netlify’s rate limiting feature because the web request details matched a rule in the rate limiting rules to block certain traffic. | Rate limiting |
| Firewall Traffic Rules | Request was blocked by Netlify’s firewall traffic rules feature because the web request details matched a rule in the firewall traffic rules to block certain traffic. | Firewall traffic rules |
| WAF | Request was blocked by Netlify’s WAF (Web Application Firewall) feature because the web request details matched a rule in the Web Application Firewall (WAF) ruleset to block certain traffic. | WAF |
| Password protection | Request was blocked by Netlify’s password protection feature because the site visitor, bot, etc. did not enter the correct password to access your project URL. | Password protection |
| SSO failed login | Request blocked by failed SSO login when your project has Netlify identity (deprecated) enabled. | |
| SSO login | Request blocked by SSO login when your project has Netlify identity (deprecated) enabled. | |
| No block reason | No block reason is recorded for requests within the selected time frame. Request is not blocked by Netlify’s Advanced Web Security features, such as Web Application Firewall, Traffic Rules, or Rate Limiting. |
Blocked requests not shown in Observability
Section titled “Blocked requests not shown in Observability”Observability does not display all blocked requests.
Requests blocked by Netlify’s network-level DDoS protection do not appear in Observability’s blocked request metrics or total request counts.
If you use a third-party firewall in addition to Netlify’s built-in protection, requests blocked by that firewall also will not appear in Observability.
Did you find this doc useful?
Your feedback helps us improve our docs.