Why Review Blocked Traffic
Regular review helps you:
- Identify false positives
- Understand threat patterns
- Optimize your rules
- Balance security and access
Step 1: Access Blocked Traffic Reports
- Open SecurEcommerce
- Navigate to Analytics or Reports
- Select Blocked Traffic
Step 2: Understand the Data
Block Reasons
See why visitors were blocked:
- Country blocking
- VPN detection
- IP blocklist
- Region blocking
Geographic Distribution
Where blocked traffic comes from:
- Expected if you’re blocking those countries
- Unexpected patterns warrant investigation
Volume Trends
How much traffic is being blocked:
- Sudden spikes may indicate attacks
- Gradual increase may indicate rule creep
Time Patterns
When blocking occurs:
- Business hours vs. off-hours
- Patterns matching attacks
Step 3: Look for Problems
Signs of False Positives
- Customer complaints
- Blocked traffic from allowed countries
- High block rate on VPN (if you allow VPN)
Signs of Attacks
- Sudden spike in blocked traffic
- Concentrated from specific regions
- Patterns matching known attack types
Signs Rules Need Adjustment
- Very low block rates (rules too loose?)
- Very high block rates (rules too tight?)
- Patterns not matching threats
Step 4: Take Action
If False Positives Found
- Loosen relevant rules
- Consider whitelist for affected parties
- Update custom messages
If Attacks Detected
- Maintain or tighten rules
- Consider additional blocking
- Monitor for escalation
Regular Maintenance
- Remove unnecessary blocks
- Update rules for current threats
- Document changes
Review Frequency
Weekly
- Quick check of volumes and patterns
- Look for obvious issues
Monthly
- Detailed analysis
- Rule effectiveness review
- Customer feedback correlation
After Changes
- Review impact of rule changes
- Look for unexpected effects
What Good Looks Like
Healthy Blocking Profile
- Blocked traffic mostly from intended targets
- Low customer complaints
- Stable volumes (unless threat increases)
- Clear patterns matching your rules