What is the name of the domain?
What is the issue you’re encountering
What should I do if I want to block visitors in a particular browser or operating system language?
What should I do if I want to block visitors in a particular browser or operating system language?
Using Custom WAF Rules, you could achieve it by blocking the particular User-agent with full name, otherwise partially to catch multiple of them incl. version of the Web browser, etc.
Helpful article of the syntax for user-agent string:
Some examples:
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:130.0) Gecko/20100101 Firefox/130.0
From above examples, we can see parts like X11; Linux
and Windows NT
as well.
Therefrom, following the step-by-step instructions from the article below we could do it like:
You’d have to figure out at least a part of the user-agent string.
However, nowadays there are Web browser extensions with which the attacker could change the Web browser user-agent string to some other, therefrom your WAF rule might not be triggered and the attacker that way could bypass your security.
thank you.
But I mean just browser language or operating system language, so what should I put in “value”?
For example, the browser language I need to block is “English (US)”.
It is possible.
See below example as expression of a Custom Firewall Rule and in picture:
(any(http.request.headers["accept-language"][*] in {"hr" "fr-CH" "en" "de"}))
From above expression, any request coming from a Web browser which accepts languages will be blocked and presented with the default Cloudflare block webpage which looks like below:
In picture here:
Helpful article for your case:
Furthermore, I’d have to say it’s a bit tricky with “language”, because:
You can always combine, like if User-agent contains Windows and Header accept-language is in en, de … with action block to block anyone coming from Windows and who has their language set to en or de.
E.g.:
Thank you very much for your kind help.
I fully followed your instructions, but unfortunately, the blocking did not work.
I don’t know what went wrong.
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.