Web Firewall Application FREE users

What’s the best setting for FREE users User Agent Blocking Rule?
10 Rules

The usage of User Agent Blocking will totally depend on your use-case.

Usually it is used when you have specific traffic you yourself want to block. A malicious actor for example.

I would recommend looking at Firewall Rules instead, as a FREE customer you can utilize Firewall Rules to create protection rules.

You also need to have reason to do this, examples include:

  • Under attack
  • Restrict traffic from X region
  • Loads more.

Read more: Cloudflare Firewall Rules – Cloudflare Help Center


I was looking for some setting which a normal website uses, Can anyone list them here, please.
as for Firewall Rules list it’s here. Anything changing please let me know as I’m still learning thank you

Block wp-login.php Attacks
(http.request.uri.path contains “/wp-login.php”)

Protect the wp-admin Area
(http.request.uri.path contains “/wp-admin/” and not http.request.uri.path contains “/wp-admin/admin-ajax.php” and not http.request.uri.path contains “/wp-admin/theme-editor.php”)

Block No-Referer Requests to Plugins
(http.request.uri.path contains “/wp-content/plugins/” and not http.referer contains “YourDomain” and not cf.client.bot)

Reduce Spam by Blocking Direct Requests to wp-comments-post.php
(http.request.uri.path eq “/wp-comments-post.php” and http.request.method eq “POST” and not http.referer contains “YourDomain”)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.