Block X-Requested-With headers

Hello, I’m getting a lot of traffic from a certain header called “app.yuasha”, how do I block it?

Could someone tell me a specific WAF rule for this? I’m a PRO Plan.

Screenshot_153.png

Sure, just go to Security → WAF → Custom Rules → Create Rule (Magic Link: https://dash.cloudflare.com/?to=/:account/:zone/security/waf/custom-rules/new),
Field Header
Name x-requested-with (header names are case-insensitive and must be lowercase with custom rules)
operator equals
Value app.yuasha


Action: block

If you wanted to block multiple, you could use operator: is in and type them out.
(100 requests isn’t exactly a lot of traffic though, I wouldn’t be too concerned/trying to constantly block those requests unless they’re actually causing issues/high in volume)

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.