How to block requests by mask

Hello, please tell me how to correctly in the WAF the blocking of such requests with a random ending, for example:
/news/er3rewf3qr3r
/news/errwrq33r34
/news/erret43qr13

You mean in your Firewall rules? As per:

https://developers.cloudflare.com:8443/ruleset-engine/rules-language/expressions/

I think you should just be able to use something along the lines of:

http.request.uri.path eq  "/news/*"

to block anything on the /news/ path. Possibility you might need to use matches instead of equals but not sure if that’s available to you - it depends on plan level.

So, I tried:
Field Operator Value
URI Path equals http.request.uri.path eq “/news/"
Choose an action (Required)
Managed Challenge
or
Field Operator Value
URI Path Contains http.request.uri.path eq "/news/

Choose an action (Required)
Managed Challenge

But the challenge didn’t happen. My plan level is Pro 20$

Please, somebody help me. My website under attack :((((

Greetings,

How about starting with the below:

Kindly see more by reading Cloudflare articles which contain a lot of helpful information for better understanding and usage as well in terms of Security and Protection:

Kindly, I’d like to ask you to double-check and if you could inspect from which IP and/or User-agent, ASN number are those requests coming from? :thinking:

You could block them by the IP, ASN, User-agent, etc.

If you’d like to block all the requests coming to the /news/something-bla-bla, I’d suggest you to use a Firewall Rule as follows in the example expression/picture from below:

(http.request.uri.path contains "/news/")

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.