More number of requests in overview tab of firewall

Hi Team,

We are new to this community wanted to take some help from here.

Our VPS server is loaded and we are facing performance issues on the website & hence we have opted for cloudflare.

We have enabled few firewall and page rule settings for our wordpress (woocommerce) website through the cloudflare panel (free account).

Once we have enabled these settings we are able to see many entries getting logged in the overview tab under the firewall settings every minute. Is this kind of an attack or a serious issue?

Is there anything else that we need to do to stop these requests? Guess these attacks are happening on wp-login and xmlrpc.php mostly.

Should we be enabling anything like “I’m Under Attack” under the page rule settings?

Hope to hear from you soon !

Thanks
Shashikant

Depending what kind of a Firewall rule have you setup with which action?
Maybe you made a rule that actually triggers so frequently, or, could be “allow” action so it is shown so much, or obviously a lot of traffic actually is hitting the xmlrpc.php, wp-login.php (two most common for WordPress) or some other page too.

In Firewall events tab, for each event/request that tirggers one of your Firewall rules, you see the IP address and request, and other information, so you can track if it is some kind of a lgitimate crawler/bot like Google or Bing, or actually something behind it.

You can enable it on xmlrpc.php and wp-login.php. But, having in mind, customers that need to sign-in will always face the “captcha challenge” due to this option being enabled.

  • if not combined with other criteria like challenge all except from Country or ASN or some other factor included in the existing Firewall rule …

If you are not using xmlrpc.php then just block it in the firewall.

As for wp-login.php, I would recommend you to protect it using Cloudflare Access.

2 Likes

Hi,

Thanks for your revert.

Attaching the screenshots of the page rules & firewalls which we had set up in our cloudflare account.

Hope this helps & you can suggest me more on this.

Thanks


Hi,

Do you have any specific article on this as in how to protect wp-login through cloudflare access? As we are just new to this cloudflare and with great difficulty we have enabled these firewalls & page rules attached in the above revert.

Thanks

Hi,

We also wanted to remove or give access to google search engine bot which crawl our website as we have a good place in google search results and do not want to spoil it now.

Hope the 3rd page rule would work according to this requirement.

You should be able to follow this:

https://developers.cloudflare.com/cloudflare-one/applications/configure-apps/self-hosted-apps

When configuring the URL to protect, just put /wp-login.php.

Thanks.

Let me try this. Hope this is an option included in the free account of Cloudflare.

If you are not using xmlrpc.php then just block it in the firewall.

For this we hope we have handled it with the firewall settings shared in the screen shots above or else do we have to do anything else?

Looks good to me.

Thanks for your time and reply.

Any other settings you suggest for a woocommerce website? Our server is being loaded with many requests from the Cloudflare IPs as per the server logs from our hosting team.

Is there any way that we can reduce the same.

Also, we have observed that we have cached the wp-content/uploads in the page rules but that cache is happening only at times in the network tab during the load of the page and sometimes they are loaded from the server directly. Is there a way to find and fix this?

Thanks

You need this:

1 Like