in the apache error log i have seen visits to a non existing files that was likely PHP script exploit scanning. Interesting is that when i did WHOIS lookup of that IPs, it is Cloudflare (which is used to protect mine hosted site):
I was checking the access log too and i have seen that my visit has correct (non-cloudflare IP), so these exploters are likely using PHP site protected by Cloudflare to do the scanning of my site? And there is nothing that can be done on the server site except blocking visits from cloudflare? But how to block it safely without interupting something on a cloudflare protected site?