diff --git a/pkg/acquisition/modules/waap/waap_runner.go b/pkg/acquisition/modules/waap/waap_runner.go index a90517f6f..e20fd918f 100644 --- a/pkg/acquisition/modules/waap/waap_runner.go +++ b/pkg/acquisition/modules/waap/waap_runner.go @@ -150,6 +150,9 @@ func (r *WaapRunner) Run(t *tomb.Tomb) error { r.logger.Infof("Requests handled by runner %s", request.UUID) r.WaapRuntime.ClearResponse() + request.IsInBand = true + request.IsOutBand = false + WafReqCounter.With(prometheus.Labels{"source": request.RemoteAddr}).Inc() //to measure the time spent in the WAF startParsing := time.Now() @@ -171,21 +174,25 @@ func (r *WaapRunner) Run(t *tomb.Tomb) error { if in := request.Tx.Interruption(); in != nil { r.logger.Debugf("inband rules matched : %d", in.RuleID) r.WaapRuntime.Response.InBandInterrupt = true + + err = r.WaapRuntime.ProcessOnMatchRules(request) + if err != nil { + r.logger.Errorf("unable to process OnMatch rules: %s", err) + continue + } } elapsed := time.Since(startParsing) WafInbandParsingHistogram.With(prometheus.Labels{"source": request.RemoteAddr}).Observe(elapsed.Seconds()) //generate reponse for the remediation component, based on the WAAP config + inband rules evaluation //@tko : this should move in the WaapRuntimeConfig as it knows what to do with the interruption and the expected remediation - err = r.WaapRuntime.ProcessOnMatchRules(request) - if err != nil { - r.logger.Errorf("unable to process OnMatch rules: %s", err) - continue - } // send back the result to the HTTP handler for the InBand part request.ResponseChannel <- r.WaapRuntime.Response + request.IsInBand = false + request.IsOutBand = true + err = r.ProcessOutOfBandRules(&request) if err != nil { r.logger.Errorf("unable to process OutOfBand rules: %s", err) 
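Review bot: The `continue` in the new in-band `ProcessOnMatchRules` error branch skips the `request.ResponseChannel <- r.WaapRuntime.Response` send a few lines below, so a failing on-match hook leaves the HTTP handler without a verdict for a request that in-band rules had already flagged. Whether the handler then blocks or times out is not visible here, but either way the outcome for a matched request depends on hook health rather than on the rule match. Consider logging and falling through so the response with `InBandInterrupt = true` is still delivered, i.e. drop the `continue` after `r.logger.Errorf("unable to process OnMatch rules: %s", err)`. The same early exit existed before the call was moved, and the loop in `Run` starts and ends outside this hunk.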
@@ -195,6 +202,14 @@ func (r *WaapRunner) Run(t *tomb.Tomb) error { if in := request.Tx.Interruption(); in != nil { r.logger.Debugf("outband rules matched : %d", in.RuleID) r.WaapRuntime.Response.OutOfBandInterrupt = true + } else { + continue + } + + err = r.WaapRuntime.ProcessOnMatchRules(request) + if err != nil { + r.logger.Errorf("unable to process OnMatch rules: %s", err) + continue } } diff --git a/pkg/waf/env.go b/pkg/waf/env.go index 50a90d560..2322a6e43 100644 --- a/pkg/waf/env.go +++ b/pkg/waf/env.go @@ -38,5 +38,7 @@ func GetHookEnv(w *WaapRuntimeConfig, request ParsedRequest) map[string]interfac "SetHTTPCode": w.SetHTTPCode, "SetActionByID": w.SetActionByID, "CancelEvent": w.CancelEvent, + "IsInBand": request.IsInBand, + "IsOutBand": request.IsOutBand, } } diff --git a/pkg/waf/request.go b/pkg/waf/request.go index 6fd95834e..49fcfe451 100644 --- a/pkg/waf/request.go +++ b/pkg/waf/request.go @@ -74,6 +74,8 @@ type ParsedRequest struct { UUID string Tx experimental.FullTransaction ResponseChannel chan WaapTempResponse + IsInBand bool + IsOutBand bool } // Generate a ParsedRequest from a http.Request. ParsedRequest can be consumed by the Waap Engine
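Review bot: On-match hooks now run a second time in the out-of-band phase, after the in-band response has already been sent on `request.ResponseChannel`, and nothing at this call site says so. `r.WaapRuntime.ClearResponse()` is only called at the top of the iteration, so these hooks presumably still see the in-band state on `Response`, and helpers such as `SetAction` or `SetHTTPCode` cannot change what the client already received. I would add a comment above the call, e.g. `// out-of-band phase: the in-band response has already been sent, so hooks should check IsOutBand before changing the remediation`. As a style point, `} else { continue }` reads more clearly as a guard clause, `if in == nil { continue }`, placed before the match handling. The loop body extends beyond the hunk.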
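Review bot: `IsInBand` and `IsOutBand` are two independent booleans for what looks like one mutually exclusive phase, and both are `false` on a zero-value `ParsedRequest`; the fields added in pkg/waf/request.go carry no comment either. A hook expression written as `!IsInBand` would then match any request whose flags were never set, though whether other callers of `GetHookEnv` exist is not visible in this diff. Either document the contract on the struct fields, for example `// IsInBand is true while in-band rules and their on-match hooks run; the runner sets exactly one of IsInBand/IsOutBand`, or expose a single phase value to hooks. `GetHookEnv` takes `request` by value, so the flags are a snapshot taken at call time, which is worth a line in the same comment.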