Use firewall to block every word like xyz

Hello,
Is there any available solution to the Firewall Rules, where I can block every user/visitor that uses the word eg “xyz” ?

My problem is that I have spam registrations and visits to my sites from domains.xyz

Thanks!

How do you define use? But, no, most likely not.

(http.referer contains ".xyz") might work, however be aware this will block all requests with referrers with such a value, even from your own site if it contains that string.

Eg,
When a user try to register with [email protected] then block it.
When a user try to comment with [email protected] then block it.

You best do this server-side. Via firewall rules this is difficult to impossible. Only if this data is part of the URL, you could do it and need to use the right expressions.

Your best bet would be a Worker script.

Yes, this is exactly what I am thinking about. Do you have an example please?

https://developers.cloudflare.com/firewall/ has all of that.

Yes, but I did not find anything specific.

Thanks for your time.

I am not sure what you mean by specific. That link covers the entire firewall engine and you just need to configure it to your needs.

:wave: @blbdeveloper,

Firewall rules are unlikely to be a good mechanism for enforcement as @sandro indicated. You could write some regex specific to your application (insufficient data in the thread to write a meaningful example and to write a version that sucked only moderately is probably a nice consulting level project).

Workers or (probably better) server based logic to block domains you don’t want to allow is probably a better choice. I suppose In theory once could use Access with a OTP rule to prevent users who authenticate from certain domains from accessing a site entirely as well, but unlikely to be a desirable implementation for most websites.

tl;dr Firewall rules aren’t the right tool for the job.