I have a website, it does not have phpMyAdmin, but I see (via access log) someone trying to access /phpMyAdmin and many other sensitive urls. I know - it’s a bot, it scans my website.
I need to automatically BLOCK this bot by IP address instantly when he hit some url (ex: */phpMyAdmin)
Can I do it ?
Similar functionality is provided by Rate Limit function, it works exactly as I expect if I configure (1 hit per 1 minute, then block for 1 hour) BUT, it blocks access ONLY to specified URL, but I need block by IP to entire web-site.
Could it be archived with cloudflare?