For some reason, my firewall isn’t deploying; I’m getting hit by bots every 30 seconds on xmlrpc.php. I’ve set a rule to block URI: /xmlrpc.php, but it didn’t work, and then I tried the full URI path, but still the same result. Probe goes through and is captured by Wordfence.
I’ve also set up a bad bots list, but only one bot has been blocked so far.
Any help, please? I’d prefer to let Cloudflare block these attacks since it’s putting a load on my server.