WAF implementation best practice by hostname

What is the name of the domain?

panpac.co.nz

What is the issue you’re encountering

I’d like to implement WAF with bot protection and best practice but I need to do this gradually on a per hostname basis not blanket domain to avoid issues.

What steps have you taken to resolve the issue?

We currently use cloudflare for DNS. We VIP public IP’s to internal addresses for a few services through firewalls. Whilst we have security on the firewalls i’d also like to add this at the domain layer but changes like bot protection seem to be accross the board. I need to be able to test things on a per hostname basis to make sure there is no impact. Are there any guides or recommendations on how to do this? I’ve seen custom rules and started out with something simple hostname = x AND country is in US, NZ. currently not seeing anything in analytics to show if anything is being blocked by this rule. We are on the Pro plan.
Appreciate any advise.

Hi there,

You can get on the Enterprise plan, to onboard subdomains (hostname level) as a zone.
Currently WAF/DDoS protections are at zone level.

Please check this documentation:

Thank you.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.