sabrysuleiman/Cloudflare Security rules for Wordpress.txt

## Cloudflare Security rules for Wordpress.txt
(http.request.uri.path contains "/wp-comments-post.php")
or (http.request.uri.path contains "/wp-content/uploads/" and http.request.uri.path contains ".php")
or (http.request.uri.path contains "xmlrpc.php")
or (http.request.uri.path contains "/wp-content/themes/" and http.request.uri.path contains ".php")
or (http.request.uri.path contains "/wp-content/plugins/" and http.request.uri.path contains ".php")
or (http.request.uri.path contains "readme.html")
or (http.request.uri.path contains "license.txt")
or (http.request.uri.path contains "wp-config.php")
or (http.request.uri.path contains ".env")
or (http.request.uri.path contains ".git")
or (http.request.uri.path contains "wp-admin/install.php")
or (http.request.uri.path contains "wp-admin/setup-config.php")

# only if not used
or (http.request.uri.path contains "/wp-json/")

# only after change loginurl
or (http.request.uri.path contains "/wp-login.php")
	(http.request.uri.path contains "/wp-comments-post.php")
	or (http.request.uri.path contains "/wp-content/uploads/" and http.request.uri.path contains ".php")
	or (http.request.uri.path contains "xmlrpc.php")
	or (http.request.uri.path contains "/wp-content/themes/" and http.request.uri.path contains ".php")
	or (http.request.uri.path contains "/wp-content/plugins/" and http.request.uri.path contains ".php")
	or (http.request.uri.path contains "readme.html")
	or (http.request.uri.path contains "license.txt")
	or (http.request.uri.path contains "wp-config.php")
	or (http.request.uri.path contains ".env")
	or (http.request.uri.path contains ".git")
	or (http.request.uri.path contains "wp-admin/install.php")
	or (http.request.uri.path contains "wp-admin/setup-config.php")

	# only if not used
	or (http.request.uri.path contains "/wp-json/")

	# only after change loginurl
	or (http.request.uri.path contains "/wp-login.php")
No results found