What should I do if I want to block visitors in a particular browser or operating s

What is the name of the domain?

example.com

What is the issue you’re encountering

What should I do if I want to block visitors in a particular browser or operating system language?

Using Custom WAF Rules, you could achieve it by blocking the particular User-agent with full name, otherwise partially to catch multiple of them incl. version of the Web browser, etc.

Helpful article of the syntax for user-agent string:

Some examples:

Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:130.0) Gecko/20100101 Firefox/130.0

From above examples, we can see parts like X11; Linux and Windows NT as well.

Therefrom, following the step-by-step instructions from the article below we could do it like:

You’d have to figure out at least a part of the user-agent string.

However, nowadays there are Web browser extensions with which the attacker could change the Web browser user-agent string to some other, therefrom your WAF rule might not be triggered and the attacker that way could bypass your security.

2 Likes

thank you.
But I mean just browser language or operating system language, so what should I put in “value”?
For example, the browser language I need to block is “English (US)”.

It is possible.

See below example as expression of a Custom Firewall Rule and in picture:

(any(http.request.headers["accept-language"][*] in {"hr" "fr-CH" "en" "de"}))

From above expression, any request coming from a Web browser which accepts languages :croatia: :fr: :england: :de: will be blocked and presented with the default Cloudflare block webpage which looks like below:

In picture here:

Helpful article for your case:

Furthermore, I’d have to say it’s a bit tricky with “language”, because:

  1. User can have English :england: :uk: as default language on it’s OS
  2. User can have his mother language (first language) set to Croatian :croatia: in Firefox/Chrome while downloading it and never changing it to some other
  3. User can be on a holiday, or live and work, or study in another country like Portugal :portugal: , therefore have an network IP address from Portugal :portugal:
  4. Despite being in Portugal, user could use VPN and behave like it’s coming from 3rd country like USA :us:
  5. User if he would figure it out, could set to :cn: and use translate to his understanding language to see the content, etc. but this are some exceptions and advance things which I hope would not be applicable in your case

You can always combine, like if User-agent contains Windows and Header accept-language is in en, de … with action block to block anyone coming from Windows and who has their language set to en or de.

E.g.:

1 Like

Thank you very much for your kind help.
I fully followed your instructions, but unfortunately, the blocking did not work.
I don’t know what went wrong.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.