Fire wall rule for website and countries

Hi. I can create a fire wall rule that blocks out certain countries with

country > equals > xxxxxxx
or
country>equals>yyyyyyy

Block

but i cant for the life of me work out how to do this for a certain domain?

e.g. i have scripts on example.com and want to block anything that comes through example.com for country xxxx & country yyyy etc

any pointers?

A certain domain? Firewall rules are always domain specific.

Do you mean for a certain host? That would be done with the host field and a simple AND concatenation.

(http.host eq "" and ip.geoip.country in {""}) should get you started.

for a website i have scripts on, not necessarily the website/ domain i have hosted with cloudflare

If that site is not on Cloudflare you naturally won’t be able to block anything.

my site is on cloudflare, but i put scripts on another website, so i want to block the acccess to those scripts from visitors to that website , when they come from country a, country b, country c etc

I am afraid I am not sure what you mean. If that other site with the scripts is not on Cloudflare you cannot block anything.

Can you post examples with the actual URLs?

my script
e.g.

sits in the source code of example.com

when someone visits example.com, my script fires

i want to block any “user/ visitor” that comes from country a, country b, country c thats is “on/ visits” example.com

I don’t want a “blanket” block of countries a, b, c etc

I have my scripts on a number of sites, so need to block countries based on which website the user is on/ coming from


whats the difference between demo url and real urls?

for visual, this would be like my script:
// script defer src=“scripts/some_script/some_file.js” ></script ///

Well, obviously one can be tested, the other not.

Anyhow, you can only protect URLs which are on Cloudflare. If they are not, you can’t. If they are you just need to set up their firewall configuration according to what was mentioned before.

my script file, the domain is on cloudflare lol


If there is something unclear about what was mentioned before you need to explain that in detail.

Also, check out https://developers.cloudflare.com/firewall/

whats the difference between host and referer?

lol, so its referer i need then, not host, as explained above example.com is the referer then?

Yes, you can block based on the referrer to. Keep in mind browsers do not have to send that header, so that could be missing altogether.

and does a . indicate all subdomains? .example.com

No, if you want to cover all hostnames you will have to use “contains”.

This topic was automatically closed after 30 days. New replies are no longer allowed.