Anthony Parsons
Well-known member
I allow guests to post threads and replies in certain forums, and whilst I block just about everything known to man at Cloudflare already, and other means, at times something automated can still slip through and I want to basically close, what I think, is the last hole in my strategy.
If I use this Security Rule:
I just want to confirm whether I have the /create-thread and /add-reply correct so it blocks on a Managed Challenge automated spam. Why this last approach? Because I have had a few occasions where someone has use a valid ISP IP and spammed a hundred automated comments onto the site. Whilst they all endup in moderation from other rules, I would prefer automation can't do this to begin with, hence this final rule.
I added "and" logic to ensure it targets the right situations, excludes logged in users and added referrer mydomain to block direct bot posts.
Thoughts from the experts?
If I use this Security Rule:
Code:
(http.request.method eq "POST" and (http.request.uri.path contains "/add-reply" or http.request.uri.path contains "/post-thread" or http.request.uri.path contains "/post/") and not http.cookie contains "xf_user" and not http.referer contains "myptsd.com")I just want to confirm whether I have the /create-thread and /add-reply correct so it blocks on a Managed Challenge automated spam. Why this last approach? Because I have had a few occasions where someone has use a valid ISP IP and spammed a hundred automated comments onto the site. Whilst they all endup in moderation from other rules, I would prefer automation can't do this to begin with, hence this final rule.
I added "and" logic to ensure it targets the right situations, excludes logged in users and added referrer mydomain to block direct bot posts.
Thoughts from the experts?
