in the free plan, when viewing security - events or security - analytics, how can one see the port number that was used to reach a site and also filter on that? a lot of good info in the events but why no port numbers?
In Security Events/Analytics it’s part of the Host field, if it’s not the default for the protocol (i.e requests not http to 80, https to 443). You can filter for a semicolon to see just the non-standard port requests
Unless you have a specific case to support requests using those alternative ports other then the defaults for the protocols, you can also create a custom waf rule → Edit Expression and use not cf.edge.server_port in {80 443} to block those alt port requests.
thanks, this is helpful. but in the same lists how does one determine if a request was made over http (port 80) or https (port 443/SSL)? this info is missing for individual line items as well as in filtering options. wonder why.