Milion milion 404 request

40% request like this:
/9840910sl8yxciki0pxofc
/9840910sl8yxciki0pxof5458
/9840910sl8yxciki0pxo545
/9840910sl8yxciki0pxof455
25% request to
/wp-admin/admin-ajax.php

When disable under attack mode server cpu 100% use.

1 Like

Try Cloudflare Rate limiting by HTTP response status codes i.e. 403 and/or 403 Unknows page request atttack - #6 by eva2000


Like this ?

Your CF plan doesn’t have access to rate limiting parameters for custom counting expression Increment counter when it seems Rate limiting parameters · Cloudflare Web Application Firewall (WAF) docs

Looks like increment counting feature is Cloudflare Business plan or higher Rate limiting rules · Cloudflare Web Application Firewall (WAF) docs :frowning:

So you can’t use the rule in your screenshot as is as it will rate limit and false positive trigger. But you can adjust the expression criteria to paths you know are being attacked and analysis from WAF event logs patterns of attack you can target using Rate limiting.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.