I am developing a CF Worker in JS. I would like to evaluate web requests from IPs. However, I only want to evaluate the 1st request an IP does to a webpage / URL. For example, for a Wordpress site, every IP, on every page view makes an average of 25 requests (docs, js, css, imgs, xhr etc.). I only want to evaluate the 1st request.
The idea is to make the CF Worker as efficient as possible, meaning, to spend the less amount of requests possible (process 1 request instead of 25 requests). The idea of the script will be to evaluate the IP, checking that IP against an API service, and either allow or block the IP based on the IP reputation.
I think there are 2 ways of doing this, neither of which is perfectly ideal, nor would guarantee each user/IP is checked or only one request per user/IP is checked.
Make the Worker put the IP in question into a IP List or a Firewall Rule to block it once it’s been deemed unsafe. You will still check all requests, though.
You might want to check only on HTML reqs, which are normally the first one. You’d limit the queries to the first reqs per page, but if someone were to try and do something malicious they might go for one of the other reqs. You could of course update it, in case, though and it’s pretty easy and fast to do so.
I have checked the Request Headers and there is a parameter with the name sec-fetch-dest
If I check that parameter value and I filter only for those requests that have the “document” value on that parameter, will I be able to only evaluate those requests (and save on request quota)?