CD
Cloudflare Developers4mo ago
Alvee

about workers protection

hey I want to only allow traffic from certian hostnames for my domain that is using workers also pages. is there any limits on how many 'OR' expression I can use or unlimited or
No description
12 Replies
Erisa
Erisa4mo ago
Change the operator to "Is not in" and then you can add a big list
Alvee
Alvee4mo ago
I want to rate limit all my endpoints including sub domains also. /* not working ig. what is the wildcard to target all
No description
Chaika
Chaika4mo ago
Ruleset engine doesn't support wildcards like that Actually, what are you trying to do there? Verfied Bots are the good bots who are whitelisted and identify themselves like Google Bot and such https://radar.cloudflare.com/traffic/verified-bots
Alvee
Alvee4mo ago
I am just trying to protect my cloudfalre worker from DOS attack what rules should I use for that
Chaika
Chaika4mo ago
if you just wanted to ratelimit everything, you can click Edit Expression and type "true", and it would match every request to your website/zone
Alvee
Alvee4mo ago
sounds good. will this work. requests 200 period is 10 second. what if attacker gave more then 200 under 5 second like attacker doing DOS have 1000 clients ready and send 40k under 5 second will this only come into affect after 10 second.
No description
Alvee
Alvee4mo ago
and the period I can't change to something else other then 10 seems like
Chaika
Chaika4mo ago
it's 200 requests within the last 10 seconds -> blocked for 10 seconds (block would be instant the second they breached it)
Chaika
Chaika4mo ago
the free plan is pretty restrictive, pro and higher has some more options: https://developers.cloudflare.com/waf/rate-limiting-rules/
Cloudflare Docs
Rate limiting rules · Cloudflare Web Application Firewall (WAF) docs
Rate limiting rules allow you to define rate limits for requests matching an expression, and the action to perform when those rate limits are reached.
Alvee
Alvee4mo ago
@Chaika love you ❤️ . it's working blocked 62k req out of 64k. seems like it's working.
No description
Alvee
Alvee4mo ago
btw it's only per client IP right. so other users still can use.
Chaika
Chaika4mo ago
yep it's per IPv4 /32 (single ip) and IPv6 /64 iirc
Want results from more Discord servers?
Add your server
More Posts
Need Help Cancelling Subscription: No 'Action' Options FoundHello, I would like to cancel my subscription, but I don't see any options under 'action.' Can you pNeed Help Cancelling Subscription: No 'Action' Options FoundHello, I would like to cancel my subscription, but I don't see any options under 'action.' Can you pLoadbalancing, nginx & certs questionHello everyone, i'm in the process of creating a synchronised replica of my dedicated server. At Host minecraft server from Cloudflare Tunnels?Hello, I have found out, that Cloudflare Tunnels can redirect TCP to a public hostname, but it seemscloudflare pagesHello everyone, I have a custom domain linked to Cloudflare Pages using a CNAME record. Is it possiNeed to manage tenant accounts via API, will parent account API key work?Hi I am interested in using tenant accounts to manage customers primarly for domains and DNS recordsCan't delete payment methodAfter purchasing a domain I want to delete my payment method, but I can't it's says I have pending pI am getting 405 error code when aI am getting 405 error code when a client with an ipv6 address is trying to connect to my origin seGetting "Verifying you are human" on dash.cloudflare.com on all browsers, can't access anything.Getting "Verifying you are human" on dash.cloudflare.com on all browsers, can't access anything.Enabling the Analytics Engine from the DashHey folks, Trying to have a little play with the workers analytics engine to build some silly thing