I have been fixing this site that wasn’t updated for years (wp-core was but not all plugins). I just put it behind cloudflare and deployed a firewall rule that blocks bad bots and allow good ones. In the cloudflare firewall log I get this block. Which seems odd at least, and doing a cronjob. Any ideas? Changes salts and enforced 2fa for admins and editors so far.
AS200719 MISSDOMAIN (my host)
It’s quite normal for automated bots to be scamming for login panels, and attempting to log in to them
Yes however, since host is my own site , doesn’t that say that the bot is on the inside rather from outside?
I believe the
Host field refers to the
Host header that the “browser” sent Host - HTTP | MDN
So no I don’t think it’s on the inside, unless your web server’s ip address is 220.127.116.11?
18.104.22.168 is the sites address on cloudflare
Oh in that case it is strange, wp-cron.php seems to be a Wordpress cron thing, but that User agent does seem strange. I suggest you investigate this further
This topic was automatically closed after 30 days. New replies are no longer allowed.