The “WAF Operating Mode“ setting determines whether WebOrion® Protector will block any requests that is deemed as suspicious.
When the WAF is on Passthrough Mode, no requests will be blocked, but only suspicious requests will be logged in the Firewall Event Log.
When the WAF is on Blocking Mode, any requests that are deemed as suspicious will be blocked and also logged.