Getting random bots attack 404

Can anyone give me a setting where I can block

wordpress/wp-includes/ms-blogs.php
skin/common_files/lib/jquery.cookie.js
wp-content/themes/car-repair/tinymce/inc/php/d7pvwm.php
blog/wp-includes/wlwmanifest.xml
wordpress/wp-includes/Text/Diff/Engine/shell.php
wordpress/wp-includes/ID3/module.audio-video.quicktime.php
/wordpress/wp-includes/kses.php

anyways I can block those using Cloudflare or .htaccess?

You can block these with Firewall Rules. A “URI Path Contains wordpress” would certainly stop most of those.

https://developers.cloudflare.com/firewall/

3 Likes

have I done this correct?

It should be OR instead of AND. It’s not going to be all three at the same time.

3 Likes

Like this?

does this mean no one is able to access anything that has a URL path?

Wordpress

wordpress/wp-includes/ms-blogs.php << this will be blocked?

for this to work do I need to do anything else?

I see it working thank you

1 Like

Ok

What’s the best URL path to block on WordPress?

This is what I have so far
skin
wp-config
assets
wp-links
themes
CGI
fusion
Avada

If I may suggest as similar topic recently, not exactly the URL patch, rather multiple measures to protect WordPress by using Cloudflare which could be find at the below post containing useful stuff:

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.