Cloudflare Firewall Rules for Protecting WordPress

admin   ·   Posted 3 months ago   ·   Website Operations

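Create a new firewall rule and enter the expression: URI Full contains wp-login (as shown in the figure below). When the rule matches, the action taken is JS Challenge:

In practice, any request to wp-login.php triggers Cloudflare's "5-second shield" challenge page. Your own visits are not affected, and the probing bots can forget about brute-forcing the login password: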

(http.request.full_uri contains "wp-login")


After wp-login.php, xmlrpc.php is the second most common attack target.



(cf.threat_score ge 2 and not cf.client.bot) or (http.request.uri contains "xmlrpc.php") or (http.request.uri contains "/wp-admin/") or (http.request.uri contains "wp-cron.php")


(ip.geoip.country eq "CN") or (http.request.uri contains "downloader") or (http.request.uri contains "vendor") or (http.request.uri contains ".tar") or (http.request.uri contains ".gz") or (http.request.uri contains ".zip") or (http.request.uri contains ".sql") or (cf.threat_score gt 50) or (http.request.uri contains ".asp") or (http.request.uri contains "well-known" and http.user_agent contains "Apache-HttpClient/4.5.2") or (http.user_agent contains "Go-http-client") or (http.user_agent contains "python-requests") or (http.user_agent contains "Ruby") or (http.user_agent contains "masscan") or (http.user_agent contains "Go http package") or (http.user_agent contains "rest-client") or (http.user_agent contains "Nuclei") or (ip.src eq 59.42.121.6) or (http.request.uri contains "wp-cron.php") or (http.request.uri contains "/wp-admin/admin-ajax.php")
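The expressions above match on substrings, so it helps to check offline which requests they catch before deploying them. The following is an added example, not part of the original post and not Cloudflare code: a small Python evaluator for the subset of the rule syntax used on this page (and/or/not, parentheses, contains/eq/ge/gt). The `req` helper, the host `example.com`, the IP and the sample paths are constructed assumptions; the third expression can be passed to `matches` in the same way.

```python
import re

OPS = {"contains": lambda a, b: b in a, "eq": lambda a, b: a == b,
       "ge": lambda a, b: a >= b, "gt": lambda a, b: a > b}
# First and second expressions, copied from the page.
LOGIN_RULE = '(http.request.full_uri contains "wp-login")'
WP_RULE = '(cf.threat_score ge 2 and not cf.client.bot) or (http.request.uri contains "xmlrpc.php") or (http.request.uri contains "/wp-admin/") or (http.request.uri contains "wp-cron.php")'

def req(uri, ua="Mozilla/5.0", score=0, bot=False):
    """Constructed sample request; host, IP and country are placeholder values."""
    return {"http.request.uri": uri, "http.request.full_uri": "https://example.com" + uri,
            "http.user_agent": ua, "cf.threat_score": score, "cf.client.bot": bot,
            "ip.geoip.country": "US", "ip.src": "203.0.113.7"}

def matches(expr, request):
    """Evaluate an expression built from and/or/not, parentheses and OPS."""
    toks = re.findall(r'"[^"]*"|[()]|[^\s()"]+', expr)
    def nxt(word):  # consume the next token only if it equals word
        return toks[:1] == [word] and bool(toks.pop(0))
    def parse_or():
        v = parse_and()
        while nxt("or"):
            rhs = parse_and()  # parse before combining so tokens are always consumed
            v = v or rhs
        return v
    def parse_and():
        v = parse_unary()
        while nxt("and"):
            rhs = parse_unary()
            v = v and rhs
        return v
    def parse_unary():
        if nxt("not"):
            return not parse_unary()
        if nxt("("):
            v = parse_or()
            toks.pop(0)  # closing parenthesis
            return v
        field = toks.pop(0)
        if toks[:1] and toks[0] in OPS:
            op, lit = toks.pop(0), toks.pop(0)
            val = lit[1:-1] if lit[0] == '"' else int(lit) if lit.isdigit() else lit
            return OPS[op](request[field], val)
        return bool(request[field])  # bare boolean field such as cf.client.bot
    return parse_or()

if __name__ == "__main__":
    for uri in ("/wp-login.php", "/blog/fix-wp-login-errors/", "/wp-admin/admin-ajax.php", "/"):
        print(uri, matches(LOGIN_RULE, req(uri)), matches(WP_RULE, req(uri)))
```

The sample paths show that the first rule also matches any URL that merely contains "wp-login", and that the second rule matches `/wp-admin/admin-ajax.php` for an ordinary browser with a threat score of 0.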


How to configure Cloudflare settings for WordPress

https://wpjian.com/tips/2020051532782.html
