Custom Filter Threat Protection


I was trying to set up the Custom filter threat protection rule. documentation seems to be pretty forward in implementing it but when testing it, it seems to block all incoming requests including the supposed to be valid request.

I have noticed that when “forwardRequest” is set to false, I am getting 403 as expected.
but when “forwardRequest” is set to true, i am expecting the request to be forwarded to the downstream endpoint, but it is giving me 500 with empty response body.


Hi Mark,
can share the IS Service used in the custom filter.