Set up WAF rate limiter for all paths

Hi everyone, I'm on workers free plan and am wondering if a WAF rate limiting rule can be set and applied to all paths of the domain?
My use case is as follows

I created an R2 bucket and assigned
```
example.video
```
example.video
```
example.video
```
example.video
domain to it
I went into WAF settings of mentioned domain and under rate limiter set it to block per ip after 1 request, I left path empty which gave
```
(http.request.uri.path eq "")
```
(http.request.uri.path eq "")
```
(http.request.uri.path eq "")
```
(http.request.uri.path eq "")
as expression

I was hoping that after making 2-3 requests I'd be blocked, but it seems this rule is not applying. Is there a different expression I can use to rate limit all requests for this domain, or this requires a paid plan?

Alf•4/30/24, 12:39 PM

One, is it on lol
2 maybe make it so if example.video is included in the site stuff then rate limit

Xxzilja Hi everyone, I'm on workers free plan and am wondering if a WAF rate limiting ru...

Chaika•4/30/24, 12:46 PM

Free Plan rate limiting is pretty limited in fields. Your expression is never going to match because path is never empty, it's always at least

, otherwise containing the full path, ex: /store/checkout.php/store/checkout.php, etc.
You can click "Edit Expression" and type

true

true

or if you want to stay in the visual expression builder, you could use Uri PathUri Path starts withstarts with

which would also always be true.
That would apply to all subdomains as well though, no way to scope it further then that on free

xziljaOP•4/30/24, 1:24 PM

The starts with "/" was what I missed. Used default that was equals

Set up WAF rate limiter for all paths

Similar Threads

Similar Threads

Similar Threads