Brute force attacks on Joomla with an url


In joomla 5, php 8.1, i have this attack. Since i’m on Cloudflare i have too many attack.


Failed Login Attempt Details

Message type: L’identifiant ne correspond pas au mot de passe, ou vous n’avez pas encore de compte.
Where: at Frontend Url:
IP Address:
Username: Dwightkat
Date Time: 2024-01-26 17:28:59

I put a WAF rulles and it’s working but not correctly.

Has anyone encountered this problem and have a solution?


What WAF rule did you put in?

Are you restoring visitor IPs? That IP isn’t a part of Cloudflare, so it could be attackers are going to your site directly, bypassing Cloudflare.


Full url

Good morning,

How do they bypass Cloudflare?

Cloudflare not working properly?

How do they get around Cloudflare?


If they have your server’s IP address, and you aren’t limiting your requests to only Cloudflare then they can hit your server directly.

You should check out Protect your origin server · Cloudflare Fundamentals docs to help secure your origin

thx you