# Cloudflare WAF Rules to configure in the dashboard

## Rule 1: Block suspicious User-Agents
Expression: (http.user_agent contains "bot" or http.user_agent contains "crawler" or http.user_agent contains "spider" or http.user_agent contains "scraper" or http.user_agent contains "curl" or http.user_agent contains "wget" or http.user_agent contains "python" or http.user_agent contains "php" or http.user_agent contains "java")
Action: Block

## Rule 2: Rate-limit requests per IP
Expression: (ip.src in {0.0.0.0/0})
Action: Rate limit: 10 requests per minute per IP

## Rule 3: Block suspicious countries
Expression: (ip.geoip.country in {"CN" "RU" "KP" "IR"})
Action: Block

## Rule 4: Challenge requests without a referer
Expression: (http.referer eq "")
Action: Challenge (Captcha)

## Rule 5: Block requests with suspicious headers
Expression: (any(http.request.headers["x-forwarded-for"][*] ne "") or any(http.request.headers["x-real-ip"][*] ne ""))
Action: Block

## Rule 6: Protection against DDoS attacks
Expression: (cf.threat_score gt 14)
Action: Block

## Rule 7: Block requests with suspicious parameters
Expression: (http.request.uri.query contains "admin" or http.request.uri.query contains "wp-" or http.request.uri.query contains "phpmyadmin")
Action: Block
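
Before enabling rules 1 and 7, it helps to dry-run their substring lists against representative traffic. The following is an added example, not part of the original rule set or of Cloudflare's tooling: an offline Python model of the case-sensitive `contains` operator, run over constructed sample requests (the function names and samples are assumptions made for illustration).

```python
# Added example: offline model of the `contains` operator used in rules 1 and 7.
# Cloudflare's `contains` is a case-sensitive substring match; `in` mirrors that.
RULE1_TOKENS = ["bot", "crawler", "spider", "scraper", "curl", "wget",
                "python", "php", "java"]
RULE7_TOKENS = ["admin", "wp-", "phpmyadmin"]


def matched_tokens(value, tokens):
    """Return the tokens that occur in value (case-sensitive substring)."""
    return [t for t in tokens if t in value]


def evaluate(request):
    """Return a list of (rule, token) hits for one request dict."""
    hits = [("rule1", t) for t in matched_tokens(request["user_agent"], RULE1_TOKENS)]
    hits += [("rule7", t) for t in matched_tokens(request["query"], RULE7_TOKENS)]
    return hits


# Constructed sample traffic (not taken from real logs).
SAMPLES = [
    {"name": "search-engine crawler",
     "user_agent": "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
     "query": ""},
    {"name": "desktop browser, benign search",
     "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/126.0",
     "query": "q=administration+fees"},
    {"name": "uptime monitor",
     "user_agent": "ExampleUptimeMonitor/1.0 (python-requests)",
     "query": ""},
    {"name": "Java HTTP client",
     "user_agent": "Java/17.0.2",
     "query": ""},
]


def report(samples=SAMPLES):
    """Map each sample name to ('block' or 'pass', hits behind the verdict)."""
    out = {}
    for s in samples:
        hits = evaluate(s)
        out[s["name"]] = ("block" if hits else "pass", hits)
    return out


if __name__ == "__main__":
    for name, (verdict, hits) in report().items():
        print(f"{verdict:5}  {name}: {hits}")
```

Wrapping the field in Cloudflare's `lower()` function, as in `lower(http.user_agent) contains "java"`, makes the match case-insensitive.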

