This repository offers an in-depth guide to securing your website using Cloudflare's Free and Pro Firewall Rules Plan. Explore various firewall rules and configurations to enhance your website's security and protect it from potential threats.
Cloudflare Firewall is a powerful tool for protecting your website from potential threats. This guide will help you understand and implement various firewall rules to enhance your website's security.
To get started with Cloudflare Firewall, you need to # for a Cloudflare account and add your website. Follow the instructions on the Cloudflare dashboard to set up your firewall.
| Rule Name | File Name | Action | What For |
|---|---|---|---|
| General | rules.ssl | Manually Add | Peformance, User Experience, DDOS Protection, Crawlers |
| Common Country | common-country.rules | Block | Only Allow Country's Who Won't Pass Much Malicous Traffic. |
| Bad ASN List | bad-asn.rules | Block | Block Bad ASN List Of Most Known Proxyscraping Sites. |
| Threat Score | threatscore.rules | Block | Block Bad Threats Flagged By Cloudflare |
| Request Method | request-method.rules | Block | Block POST & HEAD Request's Only Allow GET Request's Unless Needed. |
| User Agents | user-agents.rules | Block | Block Known User-Agents |
| mTLS-enforced authentication | mTLS-enforced.rules | Block | Block requests from devices without a valid known client SSL/TLS certificate. |
| Zone lockdown | zone-lockdown.rules | Block | Allow only specific IP addresses to access certain URLs such as an admin or protected area on your website. |
| Expressions | expressions.rules | Block | This Expressions are highly recommended for Node.js applications based on frameworks like Express. |
| Expressions 2 | expressions2.rules | Block | This Expressions are highly recommended for Node.js applications based on frameworks like Express. |
The Free Plan offers basic firewall rules to protect your website from common threats. This section will cover the default rules and how to customize them.
The Pro Plan provides advanced firewall rules and configurations for enhanced security. Learn how to implement and manage these rules to protect your website from sophisticated attacks.
Follow these best practices to ensure your website remains secure:
- Regularly update your firewall rules.
- Monitor your website traffic for suspicious activities.
- Use multi-factor authentication for your Cloudflare account.
- NexusGuard.com Thread Report 2018
- CloudFlare DDoS Trends 2021
- Bad ASNS List
- Archive Site Removal Guide
We welcome contributions from the community. If you have suggestions or improvements, please create a pull request or open an issue.
This project is licensed under the GNU Affero General Public License v3.0. See the LICENSE file for details.
