I’m seeing thousands of requests from a country which isn’t normally in my website’s core market. These requests often have an “Unknown” browser and an “Unknown” operating system.
These requests are likely spam/bot traffic and I find it strange that they’re not being blocked by the Firewall as I have most of the pre-set Cloudflare firewall rules enabled.
Anyway, is there a way that I can see the IP addresses of these requests in the Analytics tab? Ideally I would like to see the top 15 IP addresses sending most requests to the website, then I can block those IPs.
As Cloudflare is privacy-focused, it won’t show up addresses. I suggest you add a firewall rule to js-challenge these requests, and then look at the firewall events log for detailed connection information. Even just clicking on that rule’s traffic will filter the requests that are being triggered.
Thanks for replying.
I did try to set up a firewall rule, however I don’t see a way to create a rule based on “Operating System = Unknown” or “Browser = Unknown”. The best I can do is “User Agent = [blank]”.
In that regard, there seems to be a disparity between the Analytics section and the Firewall section.
I don’t want to challenge all traffic from the country, just the suspicious-looking traffic.