Cloudflare doesn't block a bot

#21

At least this shows the rule is working, it’s just this attacker isn’t being deemed bad enough.

Looks like you may need to ban them in another way - seeing as you now have their IP in the Cloudflare log you could try banning that or the associated ASN? Or maybe check if they are passing a referrer - you could block POSTs to your URL that don’t have the correct referrer? Or maybe get their user agent and define a ‘User-Agent’ block on that?

#22

Sounds like it’s gonna work. But how can I tell if the referer is correct?

#23

It’ll just be the URL of the page which the legitimate user is on when they click the button that takes them to the POST.

But if you’re not sure you could always try http.referer contains "yourdomainname.com"

EDIT: I’d probably add the user-agent block too.

#24

If you can determine the bot’s user agent (i.e. “python-requests/2.2.1 CPython/2.7.6 Linux/3.13.0-161-generic”), you can create a User Agent rule under the Tools tab.

closed #25

This topic was automatically closed after 14 days. New replies are no longer allowed.