Cloudflare allows attempts to auto-create user accounts


I can see that Cloudflare actively blocks suspicious traffic, but some serious threats are still passing through. We had a case where something tried to create user accounts 550 times in 4 minutes. The CleanTalk WordPress plugin prevented them from succeeding, but that caused a CPU spike that prevented legit users from accessing the website.

I’m looking for a way to stop these attempts sooner. I have deployed 3 rules.

Two WAF custom rules to block or challenge POSTs to the CleanTalk API based on the Cloudflare threat score. That should secure all forms, not only account creation but also contact forms and submitting forum posts.

And a WAF rate-limiting rule, blocking frequent requests to account and login pages.

  1. I am missing the option to filter on the POST request type in rate limiting rules. That would be more useful than looking at any request. Am I overlooking something?

  2. Is there a better way to block this kind of traffic?
