My website is under some kind of bot traffic attac, spiking traffic on some URLs and from some particluar countries like USA. So I just set my site to use Cloudflare with these Challange captcha for all SSL/HTTPS traffic.
But as I remote publish posts via xmlrpc, which is not working anymore.
I tried allowing the IP address of VPS i remote post but no luck.
I’ve also created a page rule as:
Disable Security, Always Online, Security Level: Essentially Off
But still no luck
Could you please help me out here?
I just setup a firewall rule of when incoming requests matches SSL/HTTPS then shows challenge captcha.
In that firewall rule you could exclude the file in question.
How do i do that, I tried but no luck or maybe I dont know how to do it.
Post a screenshot of your page rule and the full URL you want to exclude?
That’s the screenshot mate
and url would be www.example.com/xmlrpc.php , site has ssl though
In that case you simply “and” your current expression with
(http.request.uri.path ne "/xmlrpc.php")
Oh man, I totally forgot about not equal condition!
Thanks a ton mate
This topic was automatically closed after 30 days. New replies are no longer allowed.