I have hundreds of requests (404) for each post in wordpress for file mraid.js (actually does not exist) from cloudflare! Is this normal?
Are you a Cloudflare customer? (you’ve added your website to a Cloudflare account?)
What do you mean? If I have a paid plan?
No, just if your website is indeed set up with Cloudflare, even on the free plan.
Yes, it is set up with cloudflare, otherwise why I should ask in this community? ?!
Don’t get me wrong, not all users in the community have their websites on Cloudflare. Some of them are just Cloudflare WARP or 1.1.1.1 users, and some of them are just visitors who visit a website that is using Cloudflare (which is totally possible based on our experience).
However, I’ll leave your original question (404 requests) to other community members as I don’t have an answer for that.
These are probably bots looking to see if you’re vulnerable to a certain Wordpress-based exploit - if it’s there, then the bots can probably perform the exploit to take over the Wordpress site or perform some other malicious actions. Since it’s not there, there’s really nothing for you to worry about.
You’re probably not restoring visitor IP addresses - by default, requests come from Cloudflare, but CF passes the real visitor’s IP address via the Cf-Connecting-Ip header. See
https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs
2 Likes
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.