When a request gets blocked it's just that: only the request gets blocked. This prevents a potentially malicious request from harming your site.
Depending on your settings in the Auto-ban tab (see IP blocking of repeat offenders), a number of repeated blocked requests within a specific period of time from the same IP address will cause that IP address to be temporarily blocked. For example, you may set it up so that an IP address getting 3 requests blocked within 30 seconds will be temporarily blocked for 15 minutes. The idea here is that someone is likely to be a nuisance and you want them to cool off. However, they might also be a legitimate user getting accidentally blocked (false positive), or just doing something stupid; you don't want to block them forever in this case, therefore a temporary and rather short block -- say, 15 minutes -- is a good compromise.
There is a third level of blocking, again depending on your settings in the Auto-ban tab (see Add persistent offenders to the IP Disallow List). You can set Admin Tools up so that when an IP gets temporarily blocked more than a certain amount of times in a specified time period to get that IP address permanently blocked. For example, you may set it up so that an IP address which gets temporarily blocked three times over the course of an hour gets permanently blocked. Do note that this is disabled by default, as we expect you to get blocked plenty of times while setting up Admin Tools for the first time.
You can find the documentation for all these options in https://www.akeeba.com/documentation/admin-tools-joomla/web-application-firewall.html#waf-configure-autoban
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
