Firewall Rules wp-admin/includes/content/

Hi!

These rules may constitute a problem, in wordpress’s work?

url/contains JS Challenge
*.idstudio.tk/wp-admin/*
*.idstudio.tk/wp-content/*
*.idstudio.tk/wp-includes/*

Thx

As it stands I think that would cause issues, yes.

Firstly you should probably exclude anything with a valid referrer from your host. Then maybe also set the method as equal to ‘GET’ so any internal POSTs to the host work.

Also, you could set source IP to ‘not equal’ your hosts public IP so any kind of local calls that may hit Cloudflare don’t get caught.

Just a couple of thoughts on things I’d add even before I did any testing but I don’t use WP myself.

1 Like

I think it’s risky in all three cases. Though if you really want to try, just keep a close eye on how the site behaves. The JS Challenge can cause odd behavior for anybody’s first visit to the site. wp-admin also contains admin-ajax which is frequently used for frontend and backend services.

What is it you’re trying to block?

1 Like

I thought well.
Thank you for your answers.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.