Firewall allowlist based on header only - IP is NOT an option

First time poster here so I apologise if i break protocol on anything here.

I have a long standing provider (Glopal) who process international orders for my website.
After a number of seamless years, we have found that their connections are now being blocked by my cloudflare firewall.
The only active rule is “Sharkgate Sentinal” (block if ip.src in $sharkgate_threatdb)

Due to the nature of their business it is not possible to allowlist by IP address as there are thousands of them worldwide.

They have asked me to allowlist Glopal in the Cloudflare firewall allowing requests having x-glopal header.

After searching my settings and help topics I am unable to find where/how this is achieved.

Please can somebody explain how I would do this?
If it matters I am on a free account which I believe may have limited WAF features.


[deleted to avoid confusion]

Thankyou SJR

I had looked at the section and was unsure if this is what they had meant.
I will try to implement it in both ways and then monitor the results.

Sorry, it isn’t a user agent, it’s a header. Ignore what I said.

If there’s no specific content for the x-glopal header, then this may work just to check for the presence of it. You’d need to try it as I’m not sure.

Thankyou for the update

I will try that also.
Based on your previous post, I was able to unblock traffic from another provider using the user agent field.

I am sure I can work out a solution based on your info.

Many thanks

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.