How to order firewall rules to block a few bots from known-bots list

What is the name of the domain?

What is the issue you’re encountering

How to order firewall rules to block a few bots from known-bots list

What are the steps to reproduce the issue?

Hello,

We have two WAF rules, one is a skip and another is a block rule, both containing multiple actions.
The skip rule contains the known-bots action so these are allowed.

However, a few of those bots need to be blocked. If I put those in the block rule, listed as the second one, they don’t get blocked because they were already allowed in the first skip rule.
So how do I block those bots? Where do I put that action, and in which order?

Rules are evaluated top to bottom, and if a request matches the “Skip” rule, any rules below it, including your “Block” rule, won’t be applied.

To solve this, you can create a Block rule for the specific bots you need to deny access to, based on identifiers like User-Agent, IP, or ASN. This Block rule should be placed above the “Skip” rule in the rule order. With this setup, Cloudflare will first check for a match with the “Block” rule and block those bots before the “Skip” rule is applied.

Another option, if you do not want to create an additional rule, is to instead ensure that the “Skip” rule doesn’t include those bots, or exclude them explicitly in the expression.
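
The two layouts described in the answer above, written out as custom rule expressions. This is an added example, not part of the original reply. `ExampleBot` and AS64496 (a documentation ASN) are placeholders for the bots to deny, and the skip rule is reduced to its known-bots condition. Only the parenthesised expressions go into the expression editor; the order and action labels are annotations.

```text
Option 1: dedicated Block rule placed ABOVE the Skip rule

  Order 1   Action: Block
    (cf.client.bot and (http.user_agent contains "ExampleBot" or ip.src.asnum eq 64496))

  Order 2   Action: Skip
    (cf.client.bot)

  Order 3   Action: Block   (existing block rule, unchanged)
    <existing block expression>

  Result: the selected bots match order 1 and are blocked before the
  skip rule is evaluated. All other known bots reach order 2 and skip
  the rules below it.


Option 2: no extra rule, exclude the bots inside the Skip rule

  Order 1   Action: Skip
    (cf.client.bot and not (http.user_agent contains "ExampleBot" or ip.src.asnum eq 64496))

  Order 2   Action: Block   (existing block rule)
    (<existing block expression>) or (http.user_agent contains "ExampleBot") or (ip.src.asnum eq 64496)

  Result: the selected bots no longer match the skip rule, so evaluation
  continues to order 2, which must contain a condition that matches them.
```

With Option 2, excluding the bots from the skip rule only stops them from being allowed early; they are blocked only if a later rule actually matches them.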