block malicious probing requests
my web app gets requests like these:
which seem to be probing for vulnerabilities since none of the urls exist and e.g. my site isn't a wordpress site.
Is there any way to easily block these?
I could create WAF custom rules but would that turn into wack-a-mole if I need to manually specify every invalid URL being requested?
I'm currently on the free plan so I could upgrade to pro to enable more managed rules, but its unclear to me if that'll solve the issue.
It's not a lot of traffic so its not hurting too much. The biggest annoyance for me is it creates errors in my observability data, making it harder to find real issues amongst these phantom issues.
which seem to be probing for vulnerabilities since none of the urls exist and e.g. my site isn't a wordpress site.
Is there any way to easily block these?
I could create WAF custom rules but would that turn into wack-a-mole if I need to manually specify every invalid URL being requested?
I'm currently on the free plan so I could upgrade to pro to enable more managed rules, but its unclear to me if that'll solve the issue.
It's not a lot of traffic so its not hurting too much. The biggest annoyance for me is it creates errors in my observability data, making it harder to find real issues amongst these phantom issues.
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
85,042Members
Resources
Similar Threads
Was this page helpful?
