Skip to content
Visit Firewall on GitHub
Set theme to dark (⇧+D)

Require specific HTTP ports

By default, Cloudflare allows requests on a number of different HTTP ports (see Identifying network ports compatible with Cloudflare's proxy on the Cloudflare support site).

You can target requests based on their HTTP port with the cf.edge.server_port dynamic field.

Use the in comparison operator to target a set of ports.

This example blocks requests to that are not on ports 80 or 443:

ExpressionAction eq "" and not cf.edge.server_port in {80 443}Block