Cloudflare blocks the IP of our own server with Managed Challenge. The Activity log shows 8000+ blocks for the last 24 hours.
Is that normal? Or is our site compromised? Should I allowlist our IP?
We’re using WordPress and LiteSpeed server/cache.
Could be unrelated but we also have many “Failed login” attempts every day from IPs I see as blocklisted on this website: cleantalk.org/blacklists/79.137.195.103
WordPress is configured “out of the box” to make HTTP requests for its native cronjob, which is not ideal, and that may be the reason you’re seeing some of these requests (the ones with path /wp-cron.php). Please 
online for “wordpress real cronjob” and you should find many blogs explaining how to replace WordPress native cronjob.
The requests for /wp-admin/admin-ajax.php are quite common, as many plugins depend on this service to perform their tasks. You should visit Cloudflare Dashboard > Security > Events and find logs related to these blocks, to identify which service is blocking them.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.
