Better Filter for Cloudflare Firewall Events

#1

I have created a firewall rules that allowed know bots and low threat score visitors to access my site directly, like this:

However, many request that matches that rule will be logged in Firewall Events:

As you can see, most of them are came from search engine crawlers.

And there is no details about which rules or matches were triggered:

So if there is any way to filter out the allowed requests and enable me only to see the requests that been blocked? I just don’t care how many search engine crawlers have been allowed.

#2
var cfAllowEl = document.querySelectorAll('td[data-label="Action Taken"]');
for (let i of cfAllowEl) {
    if (i.innerHTML === 'allow') {
        i.parentNode.style.display = 'none';
    }
}

Although it works, it is just too ugly…

#3

Seeing as they’d be allowed anyway and you don’t want the reporting on matches then why not just remove the rule?

If you have subsequent rules with a challenge or block action then add a clause to them such as and not (cf.client.bot or cf.threat_score lt 5) to make sure those bots get the same ‘allow’ access as having their own rule.

1 Like