diff --git a/internal/waf/action_base.go b/internal/waf/action_base.go
index e0e6bec..d3a0026 100644
--- a/internal/waf/action_base.go
+++ b/internal/waf/action_base.go
@@ -2,20 +2,5 @@
 
 package waf
 
-import "net/http"
-
 type BaseAction struct {
 }
-
-// CloseConn 关闭连接
-func (this *BaseAction) CloseConn(writer http.ResponseWriter) error {
-	// 断开连接
-	hijack, ok := writer.(http.Hijacker)
-	if ok {
-		conn, _, err := hijack.Hijack()
-		if err == nil {
-			return conn.Close()
-		}
-	}
-	return nil
-}
diff --git a/internal/waf/action_get_302.go b/internal/waf/action_get_302.go
index 8cf37d6..9dffd05 100644
--- a/internal/waf/action_get_302.go
+++ b/internal/waf/action_get_302.go
@@ -66,7 +66,7 @@ func (this *Get302Action) Perform(waf *WAF, group *RuleGroup, set *RuleSet, requ
 
 	// 关闭连接
 	if request.WAFRaw().ProtoMajor == 1 {
-		_ = this.CloseConn(writer)
+		request.WAFClose()
 	}
 
 	return true
diff --git a/internal/waf/action_post_307.go b/internal/waf/action_post_307.go
index cfc0bb5..4eb4393 100644
--- a/internal/waf/action_post_307.go
+++ b/internal/waf/action_post_307.go
@@ -82,7 +82,7 @@ func (this *Post307Action) Perform(waf *WAF, group *RuleGroup, set *RuleSet, req
 	http.Redirect(writer, request.WAFRaw(), request.WAFRaw().URL.String(), http.StatusTemporaryRedirect)
 
 	if request.WAFRaw().ProtoMajor == 1 {
-		_ = this.CloseConn(writer)
+		request.WAFClose()
 	}
 
 	return true
diff --git a/internal/waf/action_record_ip.go b/internal/waf/action_record_ip.go
index 353b6f9..58546b5 100644
--- a/internal/waf/action_record_ip.go
+++ b/internal/waf/action_record_ip.go
@@ -90,7 +90,9 @@ func (this *RecordIPAction) Perform(waf *WAF, group *RuleGroup, set *RuleSet, re
 	expiredAt := time.Now().Unix() + int64(timeout)
 
 	if this.Type == "black" {
-		_ = this.CloseConn(writer)
+		writer.WriteHeader(http.StatusForbidden)
+
+		request.WAFClose()
 
 		SharedIPBlackList.Add(IPTypeAll, request.WAFRemoteIP(), expiredAt)
 	} else {