Unlike WAF v2 , the v1 product does not have custom rules for blocking IP , so you will need to do this at the IIS Level still

When the WAF forwards the request it tags on “x-forwarded-for” to the HTTP header and leaves the c-ip ( client IP ) the same

By Default IIS will check IP Address Domain and Restrictions list on the site and block the c-ip ( client IP ) using this list. 

Enabling Proxy Mode ( In IIS 8 and up ) means it will also adhere to the x-forwarded-for , but you will need to add the Subnet of the WAF ( as it picks a different IP each time ) to the allow list as well or the Health probe won’t be able to make sure the site is UP