Would this WAF rule work the way I want it to?

Essentially, I want to block everyone but me (my IP) from accessing

wp-admin

wp-admin

wp-admin

wp-admin,

wp-admin.php

wp-admin.php

wp-admin.php

wp-admin.php,

wp-login

wp-login

wp-login

wp-login and

wp-login.php

wp-login.php

wp-login.php

wp-login.php.
Would the wildcard below work?

DavidOP•9/24/24, 8:03 PM

Stump... Saved someone the trouble of testing it for me.
Can someone please suggest a better WAF rule? Thanks :)

Chaika•9/24/24, 8:08 PM

Hostname eq AND
URI Path

is in

is in

AND
IP Source Address is not in

DavidOP•9/24/24, 8:09 PM

And then i do OR and repeat that statement for wp-admin?

Chaika•9/24/24, 8:09 PM

no it'd be part of the URI Path is in list

Chaika•9/24/24, 8:09 PM

like so

DavidOP•9/24/24, 8:09 PM

Oh I see

DavidOP•9/24/24, 8:09 PM

Thanks :)

Chaika•9/24/24, 8:09 PM

Chaika•9/24/24, 8:10 PM

missing the .php extensions but you get the point

DavidOP•9/24/24, 8:10 PM

Chaika•9/24/24, 8:10 PM

Path field doesn't include query params so don't have to worry about those

DavidOP•9/24/24, 8:16 PM

Deployed and it works. Thanks again :)
closing this post

Incrisz•10/5/24, 3:29 PM

were you able to implement this rule using FREE PLAN?