You mention in one post the following:
Could you please replicate the rules to see which I can add to my firewall.
Also how i can block alls ports except 80 and 443.
“1. to allow only my IP or server IP in some case, and some other stuff to allow related (if using mta-sts sub-domain and that for e-mail)
2. to block WordPress related (block requests to upgrade.php with the exception of my own country so I could upgrade my WordPress regulary - I block all, but challange my country in 3rd one and have challenge possible for anything else) for it wp files, xmlrpc, wp-config, wlwmanifest, autodiscover, WP JSON path, Tor browser, HTTP/1.0 version, lost password query part of wp-login.php, etc.) and cPanel (or some other) things like blocking all ports except 80 and 443
3. to challenge the request to the upgrade.php for WordPress fo each request (including my country) trying to open it (protecting from wpscan possibillity to figure out which WP version I am running either with removed query strings and wp generator meta tag)
4. to block requests to wp-cron.php except my server IP and also any other .php file in any of the /wp-content/ directory and also to block user-agents (crawlers, bad bots etc.),
5. to block file access by type (sql, gz, bak, .htaccess, etc.) including SQL injection protection (if URLs contain parts like DROP, SELECT, UNION, base64, etc.), passwd and etc probes, license.txt and readme.txt files (most plugins have them) and similar”