Rules of Cloudflare Firewall for Block Bad Bot and Exploiting. Made by Safeness
- Important: If you have any problems or questions, please contact Cloudflare support. These rules are general for review and it happens that they do not work stably on all sites, so you have to edit them yourself for your sites. They do not guarantee you complete protection, but only help to cope with common attacks.
1. Bad Bot - Action Block (open)
- Blocks popular bad User Agent
- Blocks connections by port (usually only bots do this)
- Blocks outdated versions HTTP (1.0)
- Blocks bad threats flagged by cloudflare
- Blocks bad method requests
- Blocks suspicious X-Forwarded-For
- Blocks requests from the Tor network
- Blocks ASN list of most known proxy scraping sites
- Blocks non-standard cookies
2. Exploiting Fix - Action Block (open)
- Blocking queries with SQL vulnerabilities
- Blocking queries with XSS vulnerabilities
- Block popular PHP vulnerabilities
...
3. Method Fix (Optional) - Action Block (open)
- Blocks unusual attack methods that we have detected
4. Threat Check (Optional) - Action Challenge (open)
- Checking for outdated versions HTTP (1.1, 1.2)
- Checking countries that allow a lot of malicious traffic
- Checking bad threats flagged by cloudflare
- Checking for insecure requests (Not SSL requests)
- Checking requests of unknown origin (Not have referer)
Copy the expression and paste it into your expression builder
- Free Firewall for servers and WAF for websites: https://safeness.su/en/firewall.html
- My Bitcoin wallet - bc1qhn4n70f5f0m00pz8clanwjj30fl9j0j74jxh3u
- My USDT (TRC20) wallet - TUhvUrudtVXiAZ8jiD7TNF4kAMiFPpXahy