Account-Wide Firewall Rules

This would be great to have. At the moment, I’m blocking all XMLRPC.php bot requests, and need to do this site by site with the following expression:

(not ip.src in {} and http.request.uri.path contains “xmlrpc.php”)

It would be great to simply input this in a single account-wide setting.

Thank you.

I use a bigger hammer. I track down the ASN of those because it’s usually a VPS host that shouldn’t be hitting my site. And then block it for all domains. But I do agree. I have a hefty firewall expression that I copy/paste to many of my domains.

Funny thing, though. The Allow/Deny firewall tool is the only account-wide setting I can readily think of. All other settings are per-zone only.

1 Like

Ip lists came out last week and that might help? So your rule could be if ip in list.

I don’t think the IP lists can be combined with specific URL’s yet.