Cloudflare’s Firewall Rules can also be written in Wireshark expression format.
Below are some simple rule action examples:
Challenge (Legacy CAPTCHA) — Presents a Captcha challenge to the clients making HTTP requests with exposed credentials.
(http.request.uri.path contains "/firewall.html" and http.request.uri.query contains "challenge" and http.host eq "www.cf-testing.com")
JS Challenge — Presents a Cloudflare JavaScript Captcha challenge to the clients making HTTP requests with exposed credentials.
(http.request.uri.path contains "/firewall.html" and http.request.uri.query contains "javascript" and http.host eq "www.cf-testing.com")
Managed Challenge — Automatically chooses between two challenge types, always starting with JS Challenge and only proceeding to CAPTCHA if necessary. (Eliminating CAPTCHAs)
(http.request.uri.path contains "/firewall.html" and http.request.uri.query contains "managed" and http.host eq "www.cf-testing.com")
Block — Blocks HTTP requests containing exposed credentials.
(http.request.uri.path contains "/firewall.html" and http.request.uri.query contains "block" and http.host eq "www.cf-testing.com")
Challenge API – coming soon!
The information contained on this website is for general information and educational purposes only. This website is not affiliated with the company Cloudflare, nor does it represent Cloudflare in any way.