1.WAF规则
路径是 安全性--WAF
添加规则--编辑规则表达式,然后直接填入:
(not ip.geoip.country in {"CN" "HK" "JP" "KR" "SG" "TW" "US" "CA"} and not cf.verified_bot_category in {"Search Engine Crawler" "Search Engine Optimization" "Monitoring & Analytics" "Advertising & Marketing" "Page Preview" "Academic Research" "Security" "Accessibility" "Webhooks" "Feed Fetcher" "AI Crawler" "Aggregator" "Other"} and not cf.client.bot) or (http.request.uri.path in {"support" "xmlrpc" "vpn" "zip" "rar" "search" "7z" "gz" "xz" "bak"} and not http.request.uri.path in {"css" "js" "ico" "jpg" "png" "ttf" "woff2" "avif" "jpeg" "heif"}) or (not http.request.method in {"GET" "POST" "HEAD"}) or (ip.geoip.asnum in {12816 12786 18450 197540 24961 26496 35908 46606 54600 60068 22773 18978 7922 61317 6079 397391 46562 22616 26347 45916 22394 202594 40676 398101 396362 6167 54290 135981 21686 7303 138997 22418 140224 46475 20001 43959 41378 29802 10013 9824 4766 209 43260 7565 40676 3786 28438 13287 3786 24641 54548 43754 205544 6461 141995 8047 35916 396253 64096 40021 32097 394380 9286 16509 9370 9318 6921 7713 4788 262186 13489 21353 13213 6939 62240 38136 29979 11672 22646 134366 396899 20141 17877 134196 18310 61317 9341 17451 47331 9833 4800 206119 6453 3549 52468 7925 11525 6921 7506 23089 35956 45090 395954} and not cf.client.bot and not cf.verified_bot_category in {"Search Engine Crawler" "Search Engine Optimization" "Monitoring & Analytics" "Advertising & Marketing" "Page Preview" "Academic Research" "Security" "Accessibility" "Webhooks" "Feed Fetcher" "AI Crawler" "Aggregator" "Other"}) or (ip.geoip.asnum in {14061 20473 2914 16276 24940 8100 45102 36352 135377 63949 54994 35908 8075 12876 14618 16276 36351} and not cf.client.bot and not cf.verified_bot_category in {"Search Engine Crawler" "Search Engine Optimization" "Monitoring & Analytics" "Advertising & Marketing" "Page Preview" "Academic Research" "Security" "Accessibility" "Webhooks" "Feed Fetcher" "AI Crawler" "Aggregator" "Other"}) or (http.user_agent contains "?") or (http.user_agent contains "lib") or (http.user_agent contains "Opera") or (http.user_agent contains "MSIE") or (cf.threat_score gt 5 and not ip.src in {8.8.8.8})
针对特殊登录路径防护
(http.request.uri.path contains "/console") or (http.request.uri.path contains "/wp-admin") or (http.request.uri.path contains "/admin") or (http.request.uri.path contains "login") or (http.request.uri.path contains "console")
屏蔽AI采集
(cf.verified_bot_category eq "AI Crawler")
2.速率限制规则
全站开启,阈值是10S 100次,建议不要再低了,一个网页可能包含了很多请求,再低就要拦截正常用户了。当然如果你被cc了,可以临时性调低阈值
(http.request.uri.path contains "/")
评论