Can we block a request to hostname:port with Free plan using Firewall or Page rule?

Maybe this was already answered, but I missed up somehow to find information for my clients, so I have to ask:
Recently I was thinking about, if we have some app running and passing requests on the one of the compatible ports with Cloudflare (be it HTTP or even HTTPS), I wounder is it possible to block some requests based on the some condition like Country too?

For example:
(http.host contains "mydomain.com:2083" and ip.geoip.country ne "US")

Or just:
(http.host contains ":2083" and ip.geoip.country ne "US")

Or this is available only on Pro (or some higher paid) plans?

Thanks for information

Two years ago I asked @alexcf about blocking ports with firewall rules and he said no, but it’s on their to-do list. I don’t think it’s available yet, as I don’t see that option in Firewall Rules.

1 Like

Right, thank you for feedback. Hope maybe, if not, will be available in future, if so.

I have managed to get “some kind of a”, but it is not “the thing” :smiley:
One of the examples which I have tried and as far for now is somehow working, using a Page Rule to forward (all) requests to some unexisting Website URL like below:

mydomain.com:2083/*
Forwarding URL (Status Code: 301 - Permanent Redirect, Url: https://www.you-are-redirected.com)

But then it redirects all requests - not using a condition like Country and so on - and the app does not have it’s function at all.

Or even to Challenge anyone trying to request it with Security Level “I am under attack”.

Or I could try to block the comming requests at my origin/host to :port, so … the Cloudflare request would be … some 5xx error I guess - again, I would block all the requests (if not using something like GeoIP).

Or even try with “misconfiguring SSL option” for that Page Rule - which would again confuse my app.

But, yes, that is not the right way of using the Cloudflare services I assume.

And just to clearify, as an example using the port 2083 (mostly used with cPanel), it is not a cPanel on the origin running on that port, rather some other app on 2083.

This topic was automatically closed after 30 days. New replies are no longer allowed.