Comma separated lists for Operators in Firewall?

Hi
I want to use the Cloudflare firewall to block requests for an operator that contain several items and wondered if I could do that all one one line instead of adding several more lines to the rule.

Can I do this for instance:-

URI Path Contains sql.php,backups,phpunit

Instead of having to create a line for each item like this:-

URI Path Contains sql.php
AND
URI Path Contains backups
AND
URI Path Contains phpunit

Also if I can put multiple comma separated items on one line in a rule is this true for all operators. Would it also work for “Hostname” “User Agent” “Country” “AS Num” etc

Would be most grateful for any help.

Best regards

John

You can’t.

If you are on a Business plan, you could use a regular expression.

(http.request.uri.path matches "sql\.php|backups|phpunit")

If you are talking about exact matches, then you can use in instead.

Plus, you should use or.

Hi Sandro

Thank you very much for your help.

I am on the free plan, so will just stick with separate lines

I use AND where I want to block requests just under certain matched conditions like only block a request by an AS number if the user agent doesn’t contain “seobility” AND doesn’t contain “cookiebot” etc.

Thank you once again.

Best regards
John

Sure, if you want to apply it to requests where all these strings are present, then you’ll need and.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.