One ip repeatedly visible in the logs

There is some kind of bot and it constantly and extensively scans my website from IP I blocked it, but now I can’t use Firewall Logs as I wish, because there are too many logs entries with block action from this IP.

I had the same problem when I allowed access to a particular URL and there was too many allow log entries that Firewall Events generated by Managed Rules are hidden in those repeated entries.

Is it possible to exclude some of such logs entries from Firewall to be able to look into other logs?

Others have brought this up. Cloudflare says they’re working on the Firewall Events Log to make it more user friendly. No ETA, but we feel your pain.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.