Example WAF AntiDDos

Hi, can anyone give me an example anti-DDoS WAF for Cloudflare, for the free version?

If I may add here as a really good reference for further cases in terms of security and protection with Cloudflare:

Nevertheless, consider blocking some of the known “bad user-agents”, “crawlers” or “bad ASNs” using below posts:

If you need to block requests and traffic to proxied DNS records on all compatible and supported Cloudflare ports except ports 80 and 443, use the below Firewall Rule:

If you are using cPanel or some other, which works over port 2083, etc., the above one is good, while the other could be combined as well (you could whitelist and allow only your IP if you need to access the cPanel interface):

  • (http.request.uri.path contains "cpanel") or (http.request.uri.path contains "plesk") or (http.request.uri.path contains "whm")

If using WordPress, consider adding something to your Firewall Rules from the links below (including wp-login.php and xmlrpc.php):

Therefore, some Firewall Tips are published here:

Using the search:

We can use Cloudflare Access / Zero Trust (Teams) to protect some admin dashboard:

Nevertheless, do not forget to properly set up the cache for your website, which can help reduce the load and tasks your server has to do for each request:

Last but not least, kindly see more by reading Cloudflare articles, which contain a lot of helpful information for better understanding and usage in terms of security and protection:

2 Likes

Hello, why, when I write (http.host contains "mywebsite(.)com" and not cf.edge.server_port in {80 443}) and press Use expression builder, does it say: The current expression is not supported by the expression builder and will be discarded

Where are you trying to add that? As a regular Firewall Rule, that is a valid expression:

(http.host contains "example.com" and not cf.edge.server_port in {80 443})

in WAF

As a Firewall Rule? I was able to add that at every plan level. Copy/paste mine, and see if it saves.

Oh…were you trying to switch back to Expression Builder mode? If so, you can’t. Expression Builder doesn’t support certain fields that are acceptable in the Expression Editor.

But you can still save it while in Expression Editor mode.

It doesn’t save.

I use the free plan and in my WAF I can’t see http.host

This is my screen. When I click Deploy, it saves.

1 Like

Oh ok, it works.

Hi, why, when I put (http.request.version in {"HTTP/1.0" "HTTP/1.1" "HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"} and not cf.client.bot)
with the action Managed Challenge, does it still block Google bot? When I delete that WAF, the Google bot comes in normally.

Hello, how can Google bot access my web? When Google bot enters my web, it is blocked with a managed challenge by the WAF.

You can find the rule blocking the bot and add an exception to it to allow the bot.

How? What does this mean?

I enabled not cf.client.bot but it still blocks? I don’t want to delete that WAF rule but still want bots to be able to access. Is there any way?
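
To check what the expressions in this thread match before deploying them, here is an added example (not part of the thread and not Cloudflare's rule engine): a small Python evaluator for only the operators used on this page (`contains`, `in {...}`, `not`, `and`, `or`), run on constructed sample requests. The function name `matches` and the request dictionaries are assumptions made for the example.

```python
import operator
import re

TOKEN = re.compile(r'"[^"]*"|[(){}]|[^\s(){}"]+')

def matches(expr, req):
    """Evaluate a rule expression against req, a dict of field name -> value."""
    if TOKEN.sub("", expr).strip():
        raise ValueError("unterminated quoted string")
    toks = TOKEN.findall(expr) + [""]  # "" is an end-of-input sentinel
    def value(tok):  # "quoted" -> str, bare digits -> int
        return tok[1:-1] if tok.startswith('"') else int(tok) if tok.isdigit() else tok
    def primary():
        if toks[0] == "(":
            toks.pop(0)
            result = or_expr()
            toks.pop(0)  # closing ")"
            return result
        field = req[toks.pop(0)]
        if toks[0] == "contains":  # substring test
            toks.pop(0)
            return value(toks.pop(0)) in field
        if toks[0] == "in":  # set membership: in {a b c}
            end = toks.index("}")
            members = {value(t) for t in toks[2:end]}
            del toks[:end + 1]
            return field in members
        return bool(field)  # bare boolean field such as cf.client.bot
    def not_expr():
        if toks[0] == "not":
            toks.pop(0)
            return not not_expr()
        return primary()
    def chain(keyword, operand, combine):  # left-associative and/or chains
        result = operand()
        while toks[0] == keyword:
            toks.pop(0)
            result = combine(result, operand())
        return result
    def or_expr():  # "and" binds tighter than "or"
        return chain("or", lambda: chain("and", not_expr, operator.and_), operator.or_)
    return or_expr()

# Rule expressions as posted in the thread.
PORT_RULE = '(http.host contains "example.com" and not cf.edge.server_port in {80 443})'
BOT_RULE = ('(http.request.version in {"HTTP/1.0" "HTTP/1.1" "HTTP/1.2" "HTTP/2" '
            '"HTTP/3" "SPDY/3.1"} and not cf.client.bot)')
# Constructed sample request (not real traffic): port 2083 on a proxied hostname.
SAMPLE = {"http.host": "www.example.com", "cf.edge.server_port": 2083}
```

In this model `matches(PORT_RULE, SAMPLE)` is true, while `BOT_RULE` is false for any request where `cf.client.bot` is true. Because `contains` is a substring test, the cPanel/Plesk/WHM path rule above also matches unrelated paths that merely contain those letters, such as `/whmcs/`.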
