Firewall or page rule - block every country except NL, for all subdomains only


how can I block every country with a firewall rule except the Netherlands (in my case)?
but ONLY for my subdomains…?

so my root domain should remain accessible for everyone in the world (e.q.
but + etc… needs to be blocked from every country except the Netherlands.
is there a way to use a wildcard? (*)

Thanks in advance.

This should be the easier way to do that.

1 Like

thanks for your reply. I have tried your suggestion but it seems that other countries can still reach my subdomain (I have tested with a proxy)

( ne “” and ne “NL”)

this is also not working:
(not contains “” and ne “NL”)

Is your main website contains www in front of your domain name?

Hi eric
No iam only using or

I have just tested Eric’s rule on my own domain and it works as expected, make sure you don’t have another Firewall rule that is allowing them through, and ofcourse make sure that you replace with your own domain


So it works if you’ve got 1 subdomain right? But i have like 86 subdomains which i want to block.
So is there a way to block all countries for all of my subdomains by using a wildcard for instance?
except the rootdomain and the Netherlands

That’s exactly what Eric’s rule does, by saying hostname does not equal

I have tested it with CNAME and A records and it blocks both of them (when I am not in the matching country), and allows me when I am

1 Like

it works now , thanks to Eric’s solution. I had cloudflare disabled on the site, stupid…
thanks for the support!!!

Thanks for testing it out @soldier_21

@johnboesh the firewall expression that I shared earlier will do the same thing, so we don’t have to go through the hassle of using regular expressions to match wildcard subdomains.

Anyway, try to visit your website with the proxy again, by adding this URL path: /cdn-cgi/trace. It would be something like this for example:

After that, share with us your loc value.

Great to see that. You are welcome. Please ignore my previous reply.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.