Login-warning from a person from org: Cloudflare

kontakt54 · July 15, 2023, 7:47am

Hi, I’m from Pixeltv

I checked our Wordfence this morning and i saw that we get HEAVY traffic from Amsterdam, Netherlands (we’re a Danish news site) and the peculiar thing is that every piece of traffic tried to acces the wp-admin and when i run WHOIS, all the IP’s share organisation and network-naming of something with Cloud, even a person from something caled “Cloudflare, Inc. (CLOUD14)” tried to login as admin.

I’m very new to all this, how should i go about this? Is it just the lay of the land or should we be worried?

Laudian · July 15, 2023, 7:53am

Your site is using Cloudflare, so it is to be expected that all requests are made by Cloudflare IPs.

You need to restore the visitor’s IP address to be able to see who tried to connect to your site:

kontakt54 · July 15, 2023, 7:56am

It just seems weird that cloudflare would spam-create accounts? It doesn’t make sense, it only dumps our performance if it goes on for long enough

Laudian · July 15, 2023, 8:36am

Cloudflare isn’t spamming your site, someone else is. You need to follow the guide in my previous post to see their IP address.

I’d recommend you contact the person in your IT department that is responsible for Cloudflare.

kontakt54 · July 15, 2023, 9:05am

Ah, sorry - I misunderstood your previous message. I’ll pass it on, thanks

system · July 18, 2023, 9:05am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.