Maybe this was already answered, but I missed up somehow to find information for my clients, so I have to ask:
Recently I was thinking about, if we have some app running and passing requests on the one of the compatible ports with Cloudflare (be it HTTP or even HTTPS), I wounder is it possible to block some requests based on the some condition like Country too?
(http.host contains "mydomain.com:2083" and ip.geoip.country ne "US")
(http.host contains ":2083" and ip.geoip.country ne "US")
Or this is available only on Pro (or some higher paid) plans?
Thanks for information
Two years ago I asked @alexcf about blocking ports with firewall rules and he said no, but it’s on their to-do list. I don’t think it’s available yet, as I don’t see that option in Firewall Rules.
Right, thank you for feedback. Hope maybe, if not, will be available in future, if so.
I have managed to get “some kind of a”, but it is not “the thing”
One of the examples which I have tried and as far for now is somehow working, using a Page Rule to forward (all) requests to some unexisting Website URL like below:
Forwarding URL (Status Code: 301 - Permanent Redirect, Url: https://www.you-are-redirected.com)
But then it redirects all requests - not using a condition like Country and so on - and the app does not have it’s function at all.
Or even to Challenge anyone trying to request it with Security Level “I am under attack”.
Or I could try to block the comming requests at my origin/host to
:port, so … the Cloudflare request would be … some 5xx error I guess - again, I would block all the requests (if not using something like GeoIP).
Or even try with “misconfiguring SSL option” for that Page Rule - which would again confuse my app.
But, yes, that is not the right way of using the Cloudflare services I assume.
And just to clearify, as an example using the port 2083 (mostly used with cPanel), it is not a cPanel on the origin running on that port, rather some other app on 2083.
This topic was automatically closed after 30 days. New replies are no longer allowed.
I would like to reply to my post just in case someone else would search for that kind of a solution as I just figured out it is possible to allow only traffic/requests per port like 80 and 443 while block the requests/traffic on a port 2083 and some other compatible (having the hostname - proxied via Cloudflare) with Cloudflare too using an Firewall rule with the instructions provided from the below article for more help:
Just make sure to manually write the firewall expression in the field.
A list of campatible ports which can be used with Cloudflare can be found on the below article:
Tested and is working as supposed to even on a Cloudflare Free plan.
I am happy to protect my apps over the needed ports which are compatible with Cloudflare and being proxied cloud from now on
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.