I recently added a subdomain to a site and CF DNS with with A/AAAA.
The subdomain works perfectly and is shown as being proxied correctly, however I’m trying to make a firewall to block all access to the subdomain and it’s having zero effect.
I’ve got a similar rule blocking a page which works fine, but the subdomain one is failing.
Your rule will not match, as the eq operator means equal, and your * would be taken for its face value, not as a wildcard.
You can instead use the hostname field:
(http.host eq "sub.example.com")
Alternatively, you could use Access and create a rule for the subdomain, allowing in only yourself and other authenticated users. This service is free up to 5 authorized users accessing your site in any given month.