How to block Query string contains match

my path /open.php
and Query string id=dsfgfdgfdgfd
i want to block if use id=54ds445 (Any number in Query string)

Including any a-z character too or? :thinking:

Might require higher Paid plan due to the usage of the Regex to match only numbers, if so.

Despite this, below WAF Firewall Expression Rule would block any URL request which contains the id=:
(http.request.uri.query contains "id=")


To block a query string containing any number in the URL, you can create a Firewall Rule in your Cloudflare dashboard:

  1. Login to Cloudflare and select your domain.
  2. Click on “Firewall” > “Firewall Rules” > “Create a Firewall rule”.
  3. Set the rule name, e.g., “Block Query with Number”.
  4. Under “Field”, choose “URI Query”.
  5. Set the “Operator” to “Contains”.
  6. Enter the following expression in the “Value” field: id=
  7. Set “Action” to “Block” and click “Deploy”.

Helpful article:

1 Like