Block double slash requests

Hi,

I am trying to block double slash requests such as “//?author=” using Firewall rules, but I can’t get it to work. I followed another thread here and I still cannot get it to work. I am a free user and tried the “http.request.full_uri” method, as shown in the linked thread.

Any help here would be appreciated.

Thanks.

Can you post the exact expression you tried?

We have tried the following when creating a Firewall Rule:

Field: URI Full
Operator: Contains
Value: https://www.example.com//?author=

We have also tried the following, but still can’t get it to work:

Field: URI Full
Operator: Contains
Value: https://www.example.com//

Rules are placed at position one in the rule list and have no other conditions amongst them. Action is set to Block.

Thanks.

I can’t say whether it actually worked back in April, but I just ran a quick test and it would appear the URL is normalised for http.request.full_uri as well. Based on that I would assume it currently is not possible to check for double slashes with a firewall rule. You might be able to do this with a Worker, but even there it might already be normalised before it’s sent onwards to the Worker.

Otherwise you could probably only use the WAF rule.

Workers actually appear to get the full URL, so you should be able to implement that block with a Worker.

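A minimal Worker for the block suggested in the reply above, added here as an example and not code posted by anyone in the thread. It assumes, as that reply reports, that the Worker receives the request URL before normalisation; `hasDoubleSlashPath` and `handleRequest` are illustrative names.

```javascript
// Added example: block requests whose path contains an empty segment ("//"),
// such as https://www.example.com//?author=1

// Returns true when the URL path contains "//".
// Only the path is inspected, so a query value like ?next=https://example.org/
// does not trigger the block.
function hasDoubleSlashPath(rawUrl) {
  // WHATWG URL parsing keeps empty path segments instead of collapsing them.
  const { pathname } = new URL(rawUrl);
  return pathname.includes("//");
}

async function handleRequest(request) {
  if (hasDoubleSlashPath(request.url)) {
    return new Response("Forbidden", { status: 403 });
  }
  // Everything else is passed through to the origin unchanged.
  return fetch(request);
}

// Service Worker syntax; the guard lets the file load outside the Workers runtime.
if (typeof addEventListener === "function") {
  addEventListener("fetch", (event) => {
    event.respondWith(handleRequest(event.request));
  });
}
```

Percent-encoded slashes (`%2F%2F`) in the path are not decoded by this check.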

Thank you for your research and testing, we appreciate it.

We will certainly look into that. Thanks again.
