你的位置：首页>programmer>cloudflare - Security WAF Rule to block requests that doesnt match full uri - Stack Overflow

cloudflare - Security WAF Rule to block requests that doesnt match full uri - Stack Overflow

programmeradmin2025-04-088浏览0评论

I have the following rule on cloudflare Security WAF:

(http.request.full_uri ne "; and http.request.full_uri ne ";)

I also tried:

(http.request.full_uri ne "tunnel.xxx")

Checking the logs at Security > Events it doesnt show the full uri, just Host "tunnel.xxx" Path "/"

It should block any request that is not any of these uri

Im testing the rule with the following example request:

$headers = @{
    "X-Large-Header" = "A" * 1
    "User-Agent" = "WebSocket++/0.8.2"
    "Upgrade" = "websocket"
    "Connection" = "Upgrade"
    "Sec-WebSocket-Key" = "dGhlIHNhbXBsZSBub25jZQ=="
    "Content-Type" = "application/octet-stream"
}

Invoke-WebRequest -Uri "; -Method Get -Headers $headers -Verbose

The rule is blocking the request, why?

I only have that rule active nothing else, turning it off the request succeeds, maybe at the WAF side the full uri is different? How i could debug this issue?

与本文相关的文章

cloudflare - Security WAF Rule to block requests that doesnt match full uri - Stack Overflow

评论列表(0)

暂无评论

科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

与本文相关的文章

评论列表(0)