Blocking malicious traffic is important to prevent an attack against origin servers. In this tutorial, I would like to describe the custom firewall setting available in Cloudflare dashboard.
Cloudflare is a business focuses on the web site's security and caching. It helps website developers to prevent DDOS (Distributed Denial of Service) attack on the origin web server and to reduce the load on the system.
Cloudflare indeed offers a free plan; to receive Cloudflare benefits all you need is to point the nameserver of your domain to Cloudflare assigned nameserver. The steps are simple and easy to follow. We may discuss it on another blog post.
When we come to the firewall settings, Cloudflare provides 5 rules to manage in the free plan. The response of the matched firewall rule can have 6 types. They are :
- Log
- Bypass
- Allow
- Challenge (or captcha)
- JS Challenge
- Block.
The log is available to Enterprise customers only. All other actions are available in every plan of Cloudflare.
Log
Setting this as the action for a firewall rule will log every matched request in the logs. And this action type is currently only available to Enterprise customers.
Bypass
This will dynamically disable the Cloudflare security features for the matched request. After the bypass action, the request is subjected to evaluation to the rest of the rules by the order.
Allow
All the request which match the rule with action as allow will bypass any challenge or block rule within the firewall custom rules. But are not subjected to IP access or WAF rules.
Challenge
The visitor or client needs to pass a captcha test to see the response from the server. Else the client cannot see the requested content on the web.
JS Challenge
Cloudflare javascript challenge must be passed by the client to see the requested content. Else the request will be blocked.
Block
Every request that matches the rule with this action will be blocked immediately. And the client cannot see the requested content on the web.
Expressions available for fields in firewall rules
There are some default expressions to filter requests to your website. These include AS Num, cookie, Country, Hostname, IP address, Referer, Request Method, URI, etc.. These expressions' operator and value can be set up in the UI itself. Cloudflare also provides the option to do this by coding the expression.
Conclusion
Cloudflare provides custom firewall options to reduce the requests which you feel are malicious for the website. You can customize the request as your wish with the help of adding fields and editing the values of the expression. You can utilize the custom firewall from Cloudflare to block or challenge unwanted requests.
Post a Comment
To be published, comments must be reviewed by the administrator. You can also write Guest Blogging on our website.