Hi,
We have WAF rules blocking external requests to https://xyz.com/abc.php.
The rules are extremely easy to bypass.
If we just add “/” at the end, you are able to hit abc.php:
xyz.com/abc.php/
To make it blocked anyhow, I have created a cloudflare_firewall_rule in tf.
Code:
resource "cloudflare_firewall_rule" "Block-xyz-com-abc-php" {
  action      = "block"
  description = "Block-xmlrpc"
  filter_id   = cloudflare_filter.https-xyz-com-abc-php.id
  paused      = false
  zone_id     = cloudflare_zone.xyz-com.id
}

resource "cloudflare_filter" "https-xyz-com-abc-php" {
  expression = "(http.request.uri.path contains \"*/abc.php*\")"
  paused     = false
  zone_id    = cloudflare_zone.xyz-com.id
}
But I can still access it by adding “/”, as in xyz.com/abc.php/
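
An added example, not part of the original post: in Cloudflare's rules language `contains` is a literal substring comparison, so the asterisks in the posted filter are matched as literal characters and the expression never matches a real request path. A corrected `cloudflare_filter` follows, assuming the `cloudflare_zone.xyz-com` resource referenced in the post is defined in the same configuration; the `cloudflare_firewall_rule` can stay as posted.

```hcl
# Added example: corrected filter for the block rule in the post above.
# Assumption: cloudflare_zone.xyz-com is defined elsewhere in this configuration.
resource "cloudflare_filter" "https-xyz-com-abc-php" {
  zone_id = cloudflare_zone.xyz-com.id
  paused  = false

  # Weak (as posted): contains "*/abc.php*"
  #   "*" is not a wildcard for the contains operator, so this looks for the
  #   literal text "*/abc.php*" and matches neither /abc.php nor /abc.php/.
  #
  # Corrected: match the plain substring "/abc.php".
  #   This covers /abc.php, /abc.php/ and /abc.php/<anything>.
  #   lower() makes the comparison case-insensitive (e.g. /ABC.PHP).
  expression = "(lower(http.request.uri.path) contains \"/abc.php\")"
}
```

After applying, request both `/abc.php` and `/abc.php/` from outside and confirm that each is blocked and appears in the zone's firewall events.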