Support » Plugin: PhastPress » Problem with Cloudflare Rules

  • Resolved hellohubble

    (@hellohubble)


    Hi mate,

    This plugin is excellent, but it doesn’t work properly with my Cloudflare security rules and so far I couldn’t identify which rule is causing me problems. I hope you can help me solve this and keep my site secure.

    These are my security rules on Cloudflare. They work very well preventing hacks, but together with PhastPress I get too many MIME errors, 403 forbidden and it blocks JS and CSS from execution.

    "(cf.threat_score gt 15) or
    (ip.geoip.continent in {"AF" "AN" "AS"}) or
    (http.request.uri.path contains "/xmlrpc.php") or
    (lower(http.user_agent) contains "crawler" and not http.user_agent contains "ia_archiver") or
    (lower(http.user_agent) contains "spider") or
    (http.user_agent contains "AhrefsBot/") or
    (http.user_agent contains "baidu.com") or
    (http.user_agent contains "/bin/bash") or
    (http.user_agent contains "DnyzBot/") or
    (http.user_agent contains "DotBot/") or
    (http.user_agent contains "eval(") or
    (http.user_agent contains "Go-http-client/") or
    (http.user_agent contains "Nikto") or
    (http.user_agent contains "Nimbostratus") or
    (http.user_agent contains "python-requests") or
    (http.user_agent contains "Scrapy/") or
    (http.user_agent contains "SeznamBot/") or
    (http.user_agent contains "Sogou") or
    (http.user_agent contains "spbot/") or
    (http.user_agent contains "Uptimebot/") or
    (http.user_agent contains "WebDAV-MiniRedir") or
    (http.user_agent contains "WinHttp.WinHttpRequest") or
    (http.user_agent contains "Yandex") or
    (http.user_agent contains "YandexBot") or
    (http.user_agent contains "ZmEu") or
    (http.request.uri.query contains "author_name=") or
    (http.request.uri.query contains "author=" and not http.request.uri.path contains "/wp-admin/export.php") or
    (http.request.uri contains "/wp-json/wp/v2/users/") or
    (http.request.uri contains "wp-config.") or
    (http.request.uri.path contains "/wp-content/" and http.request.uri.path contains ".php") or
    (lower(http.request.uri.path) contains "phpmyadmin") or
    (http.request.uri.path contains "/phpunit") or
    (http.request.uri contains "<?php") or
    (http.cookie contains "<?php") or
    (http.request.uri contains "../") or (http.request.uri contains "..%2F") or
    (http.request.uri contains "passwd") or
    (http.request.uri contains "/dfs/") or
    (http.request.uri contains "/autodiscover/") or
    (http.request.uri contains "/wpad.") or
    (http.request.uri contains "/wallet.dat") or
    (http.request.uri contains "webconfig.txt") or
    (http.request.uri contains "vuln.") or
    (http.request.uri contains ".env") or
    (http.request.uri.query contains "astebin.com/") or
    (http.request.uri.query contains "swp_url") or
    (http.request.uri.query contains "base64") or
    (http.request.uri.query contains "<script") or (http.request.uri.query contains "%3Cscript") or
    (http.cookie contains "<script") or (http.referer contains "<script") or
    (http.request.uri.query contains "$_GLOBALS[") or
    (http.request.uri.query contains "$_REQUEST[") or
    (http.request.uri.query contains "$_POST[")"

    If I deactivate them it works just fine but I’d like to remain secure with these rules and use PhastPress at the same time. Do you have any idea which one causes it or how I can solve this?

    Cheers,
    Marcos
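
Added example, not part of the original post and not PhastPress or Cloudflare code: one way to find which clause of the rule above matches a blocked request is to re-evaluate the URL-only clauses locally against the URL that returned 403. It assumes `contains` is a case-sensitive substring match; the sample URLs are constructed and the plugin path in them is hypothetical.

```python
from urllib.parse import urlsplit

# URL-only clauses copied from the rule in the post (a subset: user-agent,
# cookie, referer, geo and threat-score clauses need more than the URL).
# Each entry: (expression text, [(field, substring that must be present)]).
CLAUSES = [
    ('http.request.uri.path contains "/xmlrpc.php"', [("path", "/xmlrpc.php")]),
    ('http.request.uri.query contains "author_name="', [("query", "author_name=")]),
    ('http.request.uri contains "/wp-json/wp/v2/users/"', [("uri", "/wp-json/wp/v2/users/")]),
    ('http.request.uri contains "wp-config."', [("uri", "wp-config.")]),
    ('http.request.uri.path contains "/wp-content/" and http.request.uri.path contains ".php"',
     [("path", "/wp-content/"), ("path", ".php")]),
    ('http.request.uri contains "../"', [("uri", "../")]),
    ('http.request.uri contains "passwd"', [("uri", "passwd")]),
    ('http.request.uri contains ".env"', [("uri", ".env")]),
    ('http.request.uri.query contains "base64"', [("query", "base64")]),
    ('http.request.uri.query contains "<script"', [("query", "<script")]),
]

def fields(url):
    """Split a URL into the three request fields these clauses inspect."""
    parts = urlsplit(url)
    uri = parts.path + ("?" + parts.query if parts.query else "")
    return {"path": parts.path, "query": parts.query, "uri": uri}

def matching_clauses(url):
    """Return the text of every clause whose substrings all occur in the URL."""
    f = fields(url)
    return [text for text, conds in CLAUSES
            if all(needle in f[field] for field, needle in conds)]

# Constructed request URLs; replace with the URLs that return 403 in the
# browser's network tab.
SAMPLES = [
    "/wp-content/plugins/example-optimizer/service.php?src=style.css",
    "/wp-content/themes/example/style.css",
    "/assets/app.environment.js",
    "/?img=data:image/png;base64,AAAA",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", matching_clauses(url) or "no URL clause matches")
```

Because every clause is a plain substring test, a legitimate asset URL is blocked as soon as one substring appears anywhere in it, as the third sample shows for `.env`.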
