Fire wall rule for website and countries

Hi. I can create a fire wall rule that blocks out certain countries with

country > equals > xxxxxxx


but i cant for the life of me work out how to do this for a certain domain?

e.g. i have scripts on and want to block anything that comes through for country xxxx & country yyyy etc

any pointers?

A certain domain? Firewall rules are always domain specific.

Do you mean for a certain host? That would be done with the host field and a simple AND concatenation.

( eq "" and in {""}) should get you started.

for a website i have scripts on, not necessarily the website/ domain i have hosted with cloudflare

If that site is not on Cloudflare you naturally won’t be able to block anything.

my site is on cloudflare, but i put scripts on another website, so i want to block the acccess to those scripts from visitors to that website , when they come from country a, country b, country c etc

I am afraid I am not sure what you mean. If that other site with the scripts is not on Cloudflare you cannot block anything.

Can you post examples with the actual URLs?

my script

sits in the source code of

when someone visits, my script fires

i want to block any “user/ visitor” that comes from country a, country b, country c thats is “on/ visits”

I don’t want a “blanket” block of countries a, b, c etc

I have my scripts on a number of sites, so need to block countries based on which website the user is on/ coming from

whats the difference between demo url and real urls?

for visual, this would be like my script:
// script defer src=“scripts/some_script/some_file.js” ></script ///

Well, obviously one can be tested, the other not.

Anyhow, you can only protect URLs which are on Cloudflare. If they are not, you can’t. If they are you just need to set up their firewall configuration according to what was mentioned before.

my script file, the domain is on cloudflare lol

If there is something unclear about what was mentioned before you need to explain that in detail.

Also, check out

whats the difference between host and referer?

lol, so its referer i need then, not host, as explained above is the referer then?

Yes, you can block based on the referrer to. Keep in mind browsers do not have to send that header, so that could be missing altogether.

and does a . indicate all subdomains?

No, if you want to cover all hostnames you will have to use “contains”.