Stress test attack with query string

They attack my website with this query. I want to block the search process temporarily on cloudflare. What kind of rule should I add for this? I am a novice in this regard. :frowning:

Hi! I understand that you need a rule to catch ?query= followed by a random string. You can deploy a custom rule and match based on Query String matching regEx - such a rule would look something like this;

image

Or you can directly submit this as a raw expression as (http.request.uri.query matches "\\?query=.*")

2 Likes

There is no such operator for me.

  • Access to the matches operator requires a Cloudflare Business or Enterprise plan.

You may try creating a similar rule using contains without any regex. (The โ€œ.*โ€ is a regular expression, or regex.)

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.