How we add CF Firewall rule for a IP use Proxy HTTP

If you use the “IP Access Rules” function in the Firewall Page, you can only block one IP if it does not use http proxy, if that attacker IP uses http proxy (even L1 transparent proxy) to fake IP, it can still be bypass firewall.
How to use the “IP Access Rules” to prevent those who use http proxy to fake ip and ddos into the system?

With IP access rules you can only block individual IP addresses or entire blocks.

If you want to block proxies you will need to know their IP addresses.

1 Like