Bot getting through WAF

emma4 · March 4, 2023, 3:47am

I’m having some trouble with a spam registration bot. I can’t seem to get WAF to shut down the entire route.

This blocks the route and some of the bot requests, but some of the requests are still hitting the server. The route is on a proxied subdomain (orange cloud) e.g. sub.mydomain.com/api/user/register with a CNAME that points to heroku.

I also tried blocking the full URI - but the same issue. It’s blocks a small amount of the bot requests but not all of them.

If anyone has any ideas I would be eternally grateful!

emma4 · March 4, 2023, 7:04am

Update

My bad - I think they had direct access the server for some traffic they were bypassing Cloudflare. I’ve started again with a fresh server and put it on a proxied subdomain and seems to have stopped. Phew!