What’s the best setting for FREE users User Agent Blocking Rule?
The usage of User Agent Blocking will totally depend on your use-case.
Usually it is used when you have specific traffic you yourself want to block. A malicious actor for example.
I would recommend looking at Firewall Rules instead, as a FREE customer you can utilize Firewall Rules to create protection rules.
You also need to have reason to do this, examples include:
- Under attack
- Restrict traffic from X region
- Loads more.
I was looking for some setting which a normal website uses, Can anyone list them here, please.
as for Firewall Rules list it’s here. Anything changing please let me know as I’m still learning thank you
Block wp-login.php Attacks
(http.request.uri.path contains “/wp-login.php”)
Protect the wp-admin Area
(http.request.uri.path contains “/wp-admin/” and not http.request.uri.path contains “/wp-admin/admin-ajax.php” and not http.request.uri.path contains “/wp-admin/theme-editor.php”)
Block No-Referer Requests to Plugins
(http.request.uri.path contains “/wp-content/plugins/” and not http.referer contains “YourDomain” and not cf.client.bot)
Reduce Spam by Blocking Direct Requests to wp-comments-post.php
(http.request.uri.path eq “/wp-comments-post.php” and http.request.method eq “POST” and not http.referer contains “YourDomain”)