Cloudflare Rules

Rules of Cloudflare Firewall for Block Bad Bot and Exploiting. Made by Safeness

• Important: If you have any problems or questions, please contact Cloudflare support. These rules are general for review and it happens that they do not work stably on all sites, so you have to edit them yourself for your sites. They do not guarantee you complete protection, but only help to cope with common attacks.

1. Bad Bot - Action Block (open)

• Blocks popular bad User Agent
• Blocks connections by port (usually only bots do this)
• Blocks outdated versions HTTP (1.0)
• Blocks bad threats flagged by cloudflare
• Blocks bad method requests
• Blocks suspicious X-Forwarded-For
• Blocks requests from the Tor network
• Blocks ASN list of most known proxy scraping sites
• Blocks non-standard cookies

2. Exploiting Fix - Action Block (open)

• Blocking queries with SQL vulnerabilities
• Blocking queries with XSS vulnerabilities
• Block popular PHP vulnerabilities

...

3. Method Fix (Optional) - Action Block (open)

• Blocks unusual attack methods that we have detected

4. Threat Check (Optional) - Action Challenge (open)

• Checking for outdated versions HTTP (1.1, 1.2)
• Checking countries that allow a lot of malicious traffic
• Checking bad threats flagged by cloudflare
• Checking for insecure requests (Not SSL requests)
• Checking requests of unknown origin (Not have referer)

How to use?

Copy the expression and paste it into your expression builder

Not enough Cloudflare?

• Free Firewall for servers and WAF for websites: https://safeness.su/en/firewall.html

Would you like to support me financially?

• My Bitcoin wallet - bc1qhn4n70f5f0m00pz8clanwjj30fl9j0j74jxh3u
• My USDT (TRC20) wallet - TUhvUrudtVXiAZ8jiD7TNF4kAMiFPpXahy