Here is my expression code :
rule 1 : (not ip.geoip.country in {“VN”} and not cf.client.bot)
rule 2 : (ip.geoip.asnum in {16509 15169} and not cf.client.bot)
In the rule 1, the weird thing is i need to have “not.cf.client.bot” while i already have rule 2, which mean if i have rule 1 without “not cf.client.bot”, google can not crawl my site, so, if i want google (known bots - cloudflare) crawl my website, i need to have 2 expressions “not cf.client.bot” in both rule 1 and rule 2 ?
Block anything not from VN - so without and not cfclient.bot you block all bots that are outside of VN - so this blocks Amazon & Google
Block anything from Amazon and Google that is not cf.client.bot
So Amazon and Google will almost always be blocked by rule one except if/when they use IP’s inside VN (dont know if they have a presence in VN? - A bit of googling about google says that they have done since 2019)
Also the approach from @Laudian make subsequent rules simpler as you handle bots from anywhere in one step
See, your rule nr1 is as follows: (Not from Vietnam)
Google’s crawler is not from Vietnam, so from Vietnam is false: (not false)
This solves to: (true)
(A result of true means block, while false means the next rule is evaluated)
Your changed rule is this: (Not from Vietnam) AND (not verified bot)
Google is still not from Vietnam, and it is a verified bot, so the expression solves as follows: (not false) AND (not true)
Solves as follows:: true AND false true AND false is false, so: false