套cf后 站点WAF防火墙规则设定 这两条就够了 全能防御恶意流量攻击！

源网站

最近导航网站经常被流量攻击，疯狂跑网站流量，两个小时20G左右吧，一直困扰着我，

后来在电报群里的大神指点下，用上了CF的WAF的防火墙规则！

 

 

  

 

 

 

  

 

添加防火墙规则表达式

第一

(cf.threat_score ge 5 and not cf.client.bot) or (not http.request.version in {"HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"}) or (not http.user_agent contains "Mozilla/")

 

第二

 (cf.client.bot) or (http.user_agent contains "duckduckgo") or (http.user_agent contains "facebookexternalhit") or (http.user_agent contains "Feedfetcher-Google") or (http.user_agent contains "LinkedInBot") or (http.user_agent contains "Mediapartners-Google") or (http.user_agent contains "msnbot") or (http.user_agent contains "Slackbot") or (http.user_agent contains "TwitterBot") or (http.user_agent contains "ia_archive") or (http.user_agent contains "yahoo") or (http.request.uri.path eq "/.git") or (http.request.uri.path eq "/wp-admin/theme-l editor.php") or (http.request.uri.path eq "/wp-admin/plugin-editor.php\"") or (http.request.uri.path eq "/wp-config.php") or (http.request.uri.path eq "/.env")

 第三 限制国~家

自行选择

 

源作者

https://kejilion.blogspot.com/2022/11/cf-waf.html