网站被攻击，如何正确套上CF抵御？两条就足够了。

最近导航网站经常被流量攻击，疯狂跑网站流量，两个小时20G左右吧，一直困扰着我，

后来在电报群里的大神指点下，用上了CF的WAF的防火墙规则！

 

 

 

 

 

 

添加防火墙规则表达式

第一

(cf.threat_score ge 5 and not cf.client.bot) or (not http.request.version in {"HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"}) or (not http.user_agent contains "Mozilla/")

第二

(cf.client.bot) or (http.user_agent contains "duckduckgo") or (http.user_agent contains "facebookexternalhit") or (http.user_agent contains "Feedfetcher-Google") or (http.user_agent contains "LinkedInBot") or (http.user_agent contains "Mediapartners-Google") or (http.user_agent contains "msnbot") or (http.user_agent contains "Slackbot") or (http.user_agent contains "TwitterBot") or (http.user_agent contains "ia_archive") or (http.user_agent contains "yahoo")

来源：https://kejilion.blogspot.com/2022/11/cf-waf.html