If you have deployed a WAF, you need to whitelist requests coming from ImageKit.io servers. All requests to your origin server from ImageKit will have the following header in the request:
"x-req-from" : "imagekit"
You can whitelist these IP addresses currently used by ImageKit.io to fetch images from your origin.
Questions?
If you need help, please write to us at support@imagekit.io.