This bypass technique targets WAFs provided by CDN services such as Akamai and Cloudflare. When a website uses a CDN, the traffic passes through the CDN's WAF, which filters requests to protect against attacks like XSS, SQLi, RCE, and others. However, if an attacker can discover the website's original server IP address, they can send requests directly to that IP and avoid the CDN's WAF filtering. Essentially, the WAF is bypassed because it only monitors traffic going through the CDN, not direct requests to the origin server. This bypass can be dangerous because it eliminates the protection offered by the WAF. To mitigate this, it's crucial to hide the origin IP by configuration or firewall rules so that direct access to the original server is blocked or limited.