Brute force attacks on Joomla with an url

hello,

In joomla 5, php 8.1, i have this attack. Since i’m on Cloudflare i have too many attack.

Message

Failed Login Attempt Details

Message type: L’identifiant ne correspond pas au mot de passe, ou vous n’avez pas encore de compte.
Where: at Frontend Url: http://albatros-productions.com/component/users/?task=user.login&Itemid=101
IP Address: 185.197.74.94
Username: Dwightkat
Date Time: 2024-01-26 17:28:59

I put a WAF rulles and it’s working but not correctly.

Has anyone encountered this problem and have a solution?

Thx

What WAF rule did you put in?

Are you restoring visitor IPs? That IP isn’t a part of Cloudflare, so it could be attackers are going to your site directly, bypassing Cloudflare.

hello,

Full url

Good morning,

How do they bypass Cloudflare?

Cloudflare not working properly?

How do they get around Cloudflare?

greetings

If they have your server’s IP address, and you aren’t limiting your requests to only Cloudflare then they can hit your server directly.

You should check out Protect your origin server · Cloudflare Fundamentals docs to help secure your origin

thx you