Spam traffic on logs shows only CF IP's

Hello all,

I saw on my apache logs that i receive quite a lot of SPAM traffic like it shows on the image below.

i tried to check some of those IP’s but they end up showing all as Cloudflare IP’s…How can i sort out this issue, since i already have WAF enabled and i believe that i have deployed good security rules.

PS: On the server that i receive these traffic, i dont run wordpress.

If you restore visitor IPs then you will be able to have the real client IPs in the log instead of the Cloudflare proxy IPs…

Scans from bots for Wordpress and other paths is very common. You can just leave them as they just 404, or use the WAF to block such requests.

You may also want to challenge the ASNs from large server and cloud providers (Digital Ocean, OVH and others) that are the biggest homes for such bots.

2 Likes

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.