I’ve reviewed firewall rules and it looks to me like the purpose of the fw rules are to protect the entire site, but I wonder if it’s possible to protect a single FQDN. I have a couple of FQDNs in my root domain that I’d like to apply geo-blocking to. Is it possible to create a rule that names an FQDN or FQDNs that I can apply geo-blocking to while leaving the rest of my FQDNs unblocked? Right now my thought is I’d have to seperate the sites that need blocking from those that don’t so I can do this at a site level rather than at an FQDN level, but I’m hoping I’m wrong.
You mean the rules under Firewall → Firewall Rules on the dashboard? You can for example combine the Hostname (FQDN) with other fields such as the Country. Is that what you’re looking for?
Yeah sort of, to be clear, let’s say I have domain foo.com as a CF site, and I want to protect docs.foo.com and downloads.foo.com with geo-blocking, but I don’t want to protect www.foo.com. The expression builder gives me some fairly basic conditional expressions, but I’d need a more complex expression something like:
((http.host eq “docs.foo.com”) or (http.host eq “downloads.foo.com”)) and ((ip.geoip.country eq “AF”) or (ip.geoip.country eq “CN”))
Would my grouping perform as expected? Are there unexpected or unanticipated behaviors that might crop up doing something like this?
Clearly an error in this expression might have unanticipated results, but is this a good idea or should I just create separate sites for downloads.foo.com and docs.foo.com?
Interesting, thanks for that. That really simplifies things.
One last question, what’s the difference between “contains” and “is in”? My assumption is “contains” would be a string and “is in” would be a list, is that it?
