Set up WAF rate limiter for all paths

Hi everyone, I'm on workers free plan and am wondering if a WAF rate limiting rule can be set and applied to all paths of the domain? My use case is as follows 1. I created an R2 bucket and assigned example.video domain to it 2. I went into WAF settings of mentioned domain and under rate limiter set it to block per ip after 1 request, I left path empty which gave (http.request.uri.path eq "") as expression I was hoping that after making 2-3 requests I'd be blocked, but it seems this rule is not applying. Is there a different expression I can use to rate limit all requests for this domain, or this requires a paid plan?
3 Replies
Alf
Alf8mo ago
One, is it on lol 2 maybe make it so if example.video is included in the site stuff then rate limit
Chaika
Chaika8mo ago
Free Plan rate limiting is pretty limited in fields. Your expression is never going to match because path is never empty, it's always at least /, otherwise containing the full path, ex: /store/checkout.php, etc. You can click "Edit Expression" and type true or if you want to stay in the visual expression builder, you could use Uri Path starts with / which would also always be true. That would apply to all subdomains as well though, no way to scope it further then that on free
0xAsimetriq
0xAsimetriqOP8mo ago
The starts with "/" was what I missed. Used default that was equals 🤦‍♂️
Want results from more Discord servers?
Add your server