Can we block a request to hostname:port with Free plan using Firewall or Page rule?

Maybe this was already answered, but I missed up somehow to find information for my clients, so I have to ask:
Recently I was thinking about, if we have some app running and passing requests on the one of the compatible ports with Cloudflare (be it HTTP or even HTTPS), I wounder is it possible to block some requests based on the some condition like Country too?

For example:
( contains "" and ne "US")

Or just:
( contains ":2083" and ne "US")

Or this is available only on Pro (or some higher paid) plans?

Thanks for information

Two years ago I asked @alexcf about blocking ports with firewall rules and he said no, but it’s on their to-do list. I don’t think it’s available yet, as I don’t see that option in Firewall Rules.


Right, thank you for feedback. Hope maybe, if not, will be available in future, if so.

I have managed to get “some kind of a”, but it is not “the thing” :smiley:
One of the examples which I have tried and as far for now is somehow working, using a Page Rule to forward (all) requests to some unexisting Website URL like below:*
Forwarding URL (Status Code: 301 - Permanent Redirect, Url:

But then it redirects all requests - not using a condition like Country and so on - and the app does not have it’s function at all.

Or even to Challenge anyone trying to request it with Security Level “I am under attack”.

Or I could try to block the comming requests at my origin/host to :port, so … the Cloudflare request would be … some 5xx error I guess - again, I would block all the requests (if not using something like GeoIP).

Or even try with “misconfiguring SSL option” for that Page Rule - which would again confuse my app.

But, yes, that is not the right way of using the Cloudflare services I assume.

And just to clearify, as an example using the port 2083 (mostly used with cPanel), it is not a cPanel on the origin running on that port, rather some other app on 2083.

This topic was automatically closed after 30 days. New replies are no longer allowed.

I would like to reply to my post just in case someone else would search for that kind of a solution as I just figured out it is possible to allow only traffic/requests per port like 80 and 443 while block the requests/traffic on a port 2083 and some other compatible (having the hostname :orange: - proxied via Cloudflare) with Cloudflare too using an Firewall rule with the instructions provided from the below article for more help:

Just make sure to manually write the firewall expression in the field.

A list of campatible ports which can be used with Cloudflare can be found on the below article:

Tested and is working as supposed to even on a Cloudflare Free plan.
I am happy to protect my apps over the needed ports which are compatible with Cloudflare and being proxied :orange: cloud from now on :slight_smile:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.