Is another firewall necessary?

We started using a malware detection and removal service that says we should set up a firewall through them. Is that necessary or beneficial if we have the Cloudflare firewall? We don’t have any custom firewall rules set up on Cloudflare.

That is good to have on the host/server.

From my experience, with more than 100-1500 daily blocked requests using Firewall Rules, I recommend to define some and try out for sure.

As far as I can combine multiple imtes inside one rule, it’s working great.

Example of rules which can be used:

  1. Block the requests from all countries except your own
  2. Block the requests by access to login, phpmyadmin, webmail, etc.
  3. Block the requests by user-agents
  4. Block the requests to file types, etc.
  5. More and more …

I believe it is beneficial to use 5 rules (at least on a Free plan) as they can block a lot of suspicious attacks before they land on your origin host/server.

For example, a few useful links which provide some more information and explanation how to set them up for Firewall rules that could be setup to block bots, access to WordPress or Joomla admin, etc.:

Therefore, I would also like to suggest you the Community tips regarding Cloudflare Firewall from here:

Nevertheless, there is never enough of security :wink:

1 Like

Thank you so much for the very detailed response. You’ve given me lots to investigate.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.