I’m seeing thousands of requests from a country which isn’t normally in my website’s core market. These requests often have an “Unknown” browser and an “Unknown” operating system.
These requests are likely spam/bot traffic and I find it strange that they’re not being blocked by the Firewall as I have most of the pre-set Cloudflare firewall rules enabled.
Anyway, is there a way that I can see the IP addresses of these requests in the Analytics tab? Ideally I would like to see the top 15 IP addresses sending most requests to the website, then I can block those IPs.
As Cloudflare is privacy-focused, it won’t show up addresses. I suggest you add a firewall rule to js-challenge these requests, and then look at the firewall events log for detailed connection information. Even just clicking on that rule’s traffic will filter the requests that are being triggered.
I did try to set up a firewall rule, however I don’t see a way to create a rule based on “Operating System = Unknown” or “Browser = Unknown”. The best I can do is “User Agent = [blank]”.
In that regard, there seems to be a disparity between the Analytics section and the Firewall section.
I don’t want to challenge all traffic from the country, just the suspicious-looking traffic.