In this post, I will be sharing keywords that can be used to enhance the security of your website through the Cloudflare firewall.
Cloudflare is a powerful security and performance platform that provides a range of features to protect your website from threats such as DDoS attacks, malware, and more.
By adding these specific keywords to your Cloudflare firewall rules, you can improve the overall security of your website
So, let’s get started and learn how to boost the security of your website with Cloudflare!
Table of Contents
Blocking Access to PHP Files
If you have a static site with informational content, you don’t really need to let automated traffic or real visitors check PHP files.
I block access to all PHP files so I am blocking some of the worst attacks that are made on a daily basis to web apps.
If you block access to PHP files, you can stop worrying about most reports from security plugins.
If you get an email like this, you know that your site won’t be vulnerable to these types of attacks:
This is another example of an attack that would be completely blocked if you blocked access to all PHP files
Blocking access to PHP files will also reduce Brute Force attacks to Zero.
Blocking File Extensions
Bots, or automated software programs, are often used to scan through websites in search of specific types of files.
One common tactic employed by these bots is to scan for file extensions such as .rar and .zip, as these types of files are often used for backups and other important files.
When a bot encounters a .rar or .zip file, it will typically attempt to extract the contents of the file in order to access the files inside.
These are some of the file extensions that you should add to your CloudFlare Firewall Rules
| .zip | .tar |
| .gz | .rar |
| .bak | .iso |
| .dat | .db |
| .sql | .tgz |
| .7z | .bz2 |
| .zlib | .bk |
Keywords you should Block
Bots can also use other techniques to try and find important files. For example, they may scan for specific keywords or phrases in file names or contents.
Make sure you can safely block these keywords before adding them to your Firewall.
| Keywords | Directory | With Slash |
| wamp | /dev/ | /mariadb |
| xampp | /test/ | /db |
| staging | /network/ | /backup |
| execute | /downloader/ | /command |
| echo | /wordpress/ | /cmd |
More Keywords
These are some lists that are used to find exploits on WordPress sites, you can’t include them all on your Firewall rules but you can
More about WordPress Security
These are other WordPress security posts that you also might want to check out.
