How to protect my domain from attacks

What are the correct rules to avoid unwanted visits, DDOS attacks, malicious bots etc…?
Can you do a study of the visits to optimize the rules?
How much would it cost?

1 Like

In short, despite the Cloudflare plan we are using, I’d say using multiple ways and different types of available features available to us at Cloudflare dashboard.

First things first, make sure your DNS hostname for your domain (root, www, sub…) is proxied and set to :orange:.

If I may add here as a really good reference for further cases in terms of security and protection with Cloudflare from my colleague @jnperamo :

We can lock down our web host and allow only the Cloudflare to connect and similar techniques:

We can use Cloudflare Access / Zero Trust (Teams):

Well, depending on the attack type, if user-agents, crawlers, ASNs, etc., there are few I would recommend to add to your Firewall Rules, like the posted here:

Therefore, some Firewall Tips are published here:

Using the search :search: :

Regarding WordPress Firewall Rules & Security, may I suggest:

Last but not the least, kindly see more by reading Cloudflare articles which contain a lot of helpful information for better understanding and usage as well in terms of Security and Protection:

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.