Sử dụng Firewall Rules của Cloudflare để chặn DDoS

 

1. Cho Phép Bot có lợi 

(cf.client.bot)

2.  Chặn BOT xấu truy cập

(cf.threat_score gt 15) or (http.user_agent contains "AhrefsBot/") or (http.user_agent contains "BaiDuSpider") or (http.user_agent contains "baidu.com") or (http.user_agent contains "/bin/bash") or (http.user_agent contains "crawler.feedback@gmail.com") or (http.user_agent contains "DnyzBot/") or (http.user_agent contains "DotBot/") or (http.user_agent contains "eval(") or (http.user_agent contains "Go-http-client/") or (http.user_agent contains "Nikto") or (http.user_agent contains "Nimbostratus") or (http.user_agent contains "python-requests") or (http.user_agent contains "Scrapy/") or (http.user_agent contains "SeznamBot/") or (http.user_agent contains "Sogou web spider/") or (http.user_agent contains "spbot/") or (http.user_agent contains "Uptimebot/") or (http.user_agent contains "WebDAV-MiniRedir") or (http.user_agent contains "WinHttp.WinHttpRequest") or (http.user_agent contains "ZmEu") or (http.user_agent contains "MJ12bot") or (http.user_agent contains "SEMrushBot") or (http.user_agent contains "MauiBot") or (http.user_agent contains "python") or (http.user_agent contains "muckrack") or (http.user_agent contains "PetalBot") or (http.user_agent contains "AspiegelBot")

3.  Chặn các Quốc Gia không cần thiết truy cập

(ip.geoip.country in {"KR" "JP" "VN" "RU" "CN"})

4. IP resqeat 10 la bat cho 5s

(cf.threat_score gt 10)