CF Firewall rules not affecting subdomain

I recently added a subdomain to a site and CF DNS with :orange: with A/AAAA.

The subdomain works perfectly and is shown as being proxied correctly, however I’m trying to make a firewall to block all access to the subdomain and it’s having zero effect.

I’ve got a similar rule blocking a page which works fine, but the subdomain one is failing.

(http.request.full_uri eq “https://sub.example.com/*”)

I’ve tried with various fields and values, URI Full is the only one that handles an entire URI however instead of just a path.

Any help would be appreciated :stuck_out_tongue:

Your rule will not match, as the eq operator means equal, and your * would be taken for its face value, not as a wildcard.

You can instead use the hostname field:

(http.host eq "sub.example.com")

Alternatively, you could use Access and create a rule for the subdomain, allowing in only yourself and other authenticated users. This service is free up to 5 authorized users accessing your site in any given month.

3 Likes

Nailed it. Works perfectly.

Thanks for the quick help :slight_smile:

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.