Create WAF rule to block abc.php

hi,
we have WAF rules blocking external requests to https://xyz.com/abc.php.
The rules are extremely easy to bypass.

if we just add “/” behind you are able to hit the abc.php
xyz.com/abc.php/

To make is blocked by anyhow, I have craeted cloudflare_firewall_rule in tf.
code:

resource "cloudflare_firewall_rule" "Block-xyz-com-abc-php" {
  action      = "block"
  description = "Block-xmlrpc"
  filter_id   = cloudflare_filter.https-xyz-com-abc-php.id
  paused      = false
  zone_id     = cloudflare_zone.xyz-com.id
}

resource "cloudflare_filter" "https-xyz-com-abc-php" {
  expression = "(http.request.uri.path contains \"*/abc.php*\")"
  paused     = false
  zone_id    = cloudflare_zone.xyz-com.id
}

but still i can access it by add “/” as xyz.com/abc.php/

Hey,

You may wanna try this instead:

(http.request.uri.path contains "/abc.php")