Even though CloudFlare is effective and powerful tool to protect your Wordpress website from malicious traffic. Sometimes it is just not enoug of protection.
Especially when there are smaller amount of inflow traffic from non registerd bot addresses.
In that case help can be sought from rate limit function of CloudFlare. Even though this option is limited to very basic options in free version ,it can still be used effectively with little thinking before and is very powerful tool to mitigate attacks with zero cost.
To star use rate-limiting on your blog go to:
yourdomainname.com — Security — WAF (web application firewall)
Click on Rate limiting — Create rule
Now comes most important part:
If incoming requests match… must be as follows:
URI PATH — does not contain — /wp-
URI Path does not contain “/wp-”
When rate exceeds is a bit tricky but good starting point is 39
You can later watch Events and see if any legitimate treffic is being blocked than you can increase this accordingly.
Take Action — Block
A a free Cloudflare user you will have only this options available and this is enugh for a good start and free and effective protection of your website.
If you find this tutorial inspiring and helpful, please feel free to share your thoughts in the comment section below. Your feedback is not only valuable, it’s essential for us to continue refining our content to better suit your needs. Moreover, if you have any questions or require further clarification on any points discussed, do not hesitate to post your queries.
Facing DDoS Attacks or Need Infrastructure Help?
Don't wait for the next attack or infrastructure issue. Get expert help with DDoS mitigation, AWS optimization, and security hardening.
Get Expert Help Now