Firewall allowlist based on header only - IP is NOT an option

dev249 · November 20, 2023, 12:50pm

Hi
First time poster here so I apologise if i break protocol on anything here.

I have a long standing provider (Glopal) who process international orders for my website.
After a number of seamless years, we have found that their connections are now being blocked by my cloudflare firewall.
The only active rule is “Sharkgate Sentinal” (block if ip.src in $sharkgate_threatdb)

Due to the nature of their business it is not possible to allowlist by IP address as there are thousands of them worldwide.

They have asked me to allowlist Glopal in the Cloudflare firewall allowing requests having x-glopal header.

After searching my settings and help topics I am unable to find where/how this is achieved.

Please can somebody explain how I would do this?
If it matters I am on a free account which I believe may have limited WAF features.

Thankyou

sjr · November 20, 2023, 1:00pm

[deleted to avoid confusion]

dev249 · November 20, 2023, 1:10pm

Thankyou SJR

I had looked at the section and was unsure if this is what they had meant.
I will try to implement it in both ways and then monitor the results.

sjr · November 20, 2023, 1:10pm

Sorry, it isn’t a user agent, it’s a header. Ignore what I said.

If there’s no specific content for the x-glopal header, then this may work just to check for the presence of it. You’d need to try it as I’m not sure.

dev249 · November 20, 2023, 1:18pm

Thankyou for the update

I will try that also.
Based on your previous post, I was able to unblock traffic from another provider using the user agent field.

I am sure I can work out a solution based on your info.

Many thanks

system · December 5, 2023, 1:19pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.