Cloudflare Firewall – Cum sa blochezi botii si sa securizezi Wordpress

Daca folosesti serviciile CloudFlare atunci trebuie sa stii ca poti sa filtrezi mare parte din traficul inutil si chiar sa-ti securizezi site-ul impotriva atacurilor!

Nu o sa intru in detalii foarte tehnice, pentru ca acest articol este dedicat celor deja familiarizati cu serviciile CloudFlare si au ceva idee despre cum se configureaza filtrele pentru firewalul din interfata CF.

Asadar, iata mai jos cateva reguli simple pentru a filtra o parte din traficul inutil si din atacurile asupra site-ului, in special in cazul celor care au instalat wordpress.

CloudFlare Firewall Rule

Annoying Bot – Action: Block

(http.user_agent contains "ahrefs") or (http.user_agent eq "grapeshot") or (http.user_agent eq "msnbot") or (http.user_agent eq "yandex") or (http.user_agent eq "dotbot") or (http.user_agent eq "semrush") or (http.user_agent eq "yahoo") or (http.user_agent eq "mail.ru") or (http.user_agent eq "bing") or (http.user_agent eq "baidu") or (http.user_agent eq "apple") or (http.user_agent eq "archive.org")

China Bot – Action: Block

(http.user_agent contains "Mb2345Browser") or (http.user_agent contains "LieBaoFast") or (http.user_agent contains "MicroMessenger") or (http.user_agent contains "zh_CN") or (http.user_agent contains "NetType/WIFI") or (http.user_agent contains "zh-CN")

Invalid Request (Automated Bots Tool For Hackers) – Action: Block

(http.user_agent contains "Nmap") or (http.user_agent eq "-") or (http.user_agent contains "masscan") or (http.user_agent contains "curl") or (http.user_agent contains "ZmEu") or (http.request.uri.path contains "scripts/setup.php") or (http.user_agent contains "python")

WP-Login Atack Bot – Action: Block

(http.user_agent eq "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0") or (http.user_agent contains "PHP/7.2.8")

WP-Login/Admin CAPTCHA – Action: Challenge (Captcha)

(http.request.uri.path contains "/xmlrpc.php") or (http.request.uri.path contains "/wp-login.php")

Primele patru reguli se pot practic concatena (unifica), pentru a nu folosi toate cele 5 filtre accesibile celor care folosesc CloudFlare in mod gratuit.

Cloudflare-Web Performance-Security

Blogging fericit!

byrev Written by:

Be First to Comment

    Leave a Reply

    Your email address will not be published. Required fields are marked *