CloudFlare防火墙规则用于保护WordPress

如何使用Cloudflare保护您的WordPress网站

https://www.chungtat.cn/%E5%A6%82%E4%BD%95%E4%BD%BF%E7%94%A8cloudflare%E4%BF%9D%E6%8A%A4%E6%82%A8%E7%9A%84wordpress%E7%BD%91%E7%AB%99/

https://www.websiterating.com/zh-CN/online-security/how-to-secure-wordpress-with-cloudflare-firewall-rules/

如何为WordPress配置Cloudflare设置

https://wpjian.com/tips/2020051532782.html

JS质询

(http.request.uri.path contains "/wp-login.php") or (http.request.uri.path contains "/wp-admin/" and not http.request.uri.path contains "/wp-admin/admin-ajax.php" and not http.request.uri.path contains "/wp-admin/theme-editor.php") or (http.request.uri.path contains "/wp-content/plugins/" and not http.referer contains "yourwebsite.com" and not cf.client.bot) or (http.request.uri.path eq "/wp-comments-post.php" and http.request.method eq "POST" and not http.referer contains "yourwebsite.com")

阻止

(http.request.uri.path contains "/xmlrpc.php") or (http.user_agent contains "Slackbot") or (http.user_agent contains "WPScan") or (http.user_agent contains "Superfeedr") or (http.user_agent contains "python")