.
Can you check the rule and recommend any others?
I’m trying to set up some safety rules, and am now redoing the ones that blocked some countries on the managed challenge. Can you share your experience and tips of the best security rules ( page rules only or WAF) suitable for Wordpress sites?
Off
fritex
December 30, 2024, 11:34am
2
Sharing some useful from below posts and links:
That is a good question out there.
I would say it cannot be stated as a general rule of thumb, as far as some WordPress websites do not have to use like POST or PUT (WP REST API, wp-json, plugins etc.), while other have to - just an example.
You could try to block TRACE & TRACK for example.
Or, if you could for example, limit HEAD, GET and POST for some specific IP or some similar scenario, where you protect your Website from bad bots, possible attacks, etc. in terms of security measurements. …
Which part exactly? Are you getting blocked or?
Have you tried splitting it into smaller chunks and testing what you want to achieve?
Allow only your IP, onto what request, which, and where for the path or multiple files?
Are you able to filter out all countries except your own for wp-login and then JS Challenge even your country after all the others are blocked?
Cloudflare Access fits your needs if only you or a few members need access to WP login area:
Or it’s about public forum or boa…
2 Likes
Thanks a lot, this looks interesting!
1 Like
system
January 1, 2025, 12:12pm
4
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.
