Account-Wide Firewall Rules

This would be great to have. At the moment, I’m blocking all XMLRPC.php bot requests, and need to do this site by site with the following expression:

(not ip.src in {122.248.245.244/32 54.217.201.243/32 54.232.116.4/32 192.0.80.0/20 192.0.96.0/20 192.0.112.0/20 195.234.108.0/22 192.0.96.202/32 192.0.98.138/32 192.0.102.71/32 192.0.102.95/32} and http.request.uri.path contains “xmlrpc.php”)

It would be great to simply input this in a single account-wide setting.

Thank you.

I use a bigger hammer. I track down the ASN of those because it’s usually a VPS host that shouldn’t be hitting my site. And then block it for all domains. But I do agree. I have a hefty firewall expression that I copy/paste to many of my domains.

Funny thing, though. The Allow/Deny firewall tool is the only account-wide setting I can readily think of. All other settings are per-zone only.

2 Likes

Ip lists came out last week and that might help? So your rule could be if ip in list.

I don’t think the IP lists can be combined with specific URL’s yet.

This would be great to have, please.

IP lists can be used from within the Firewall Rules, so you can combine them with whatever you want.