Let me show you How To Setup WordPress Website On Cloudflare (DDoS Protected).

I will share my own personal settings on all my websites with Cloudflare, showing how to setup DDOS protected website with Cloudflare (this also hides the IP of your web server adding that extra level of security) then we will also adjust the most important settings in Cloudflare to ensure your website is optimized for speed and security.

How To Setup Website On Cloudflare ...
How To Setup Website On Cloudflare | DDoS Protected Website With Cloudflare

Below are the codes for the firewall rules settings:

When you go over to firewall rules settings, just add these rules and copy-paste each detail. I will discuss in a different video why I am using all settings I have shown in the above video. It just happened that when I recorded the video, my mic was not plugged-in properly, so my mistake, and I was lazy to explain further when editing the video, so sorry! πŸ˜€

1. For WP Security (with JS Challenge)

Rule Name: WP Security

Expression Preview (Edit Expression to add code):

((http.request.uri.path contains "/xmlrpc.php") or (http.request.uri.path contains "/wp-login.php") or (http.request.uri.path contains "/wp-admin/" and not http.request.uri.path contains "/wp-admin/admin-ajax.php" and not http.request.uri.path contains "/wp-admin/theme-editor.php")) and ip.geoip.country ne "US"

Action: JS Challenge

make money with websites

Sign up for our newsletter and learn how to make money with websites.

Invalid email address
We promise not to spam you. You can unsubscribe at any time.

IMPORTANT: Just do know that for this code (and ip.geoip.country ne β€œUS”), the PH represents to your country or location. So you need to use your own for that section. It means the ACTION will not take place to your country.

2. For Blocking Bad bots

Rule Name: Block bad bots

Expression Preview (Edit Expression to add code):

(http.user_agent contains "Yandex") or (http.user_agent contains "muckrack") or (http.user_agent contains "Qwantify") or (http.user_agent contains "Sogou") or (http.user_agent contains "BUbiNG") or (http.user_agent contains "knowledge") or (http.user_agent contains "CFNetwork") or (http.user_agent contains "Scrapy") or (http.user_agent contains "SemrushBot") or (http.user_agent contains "AhrefsBot") or (http.user_agent contains "Baiduspider") or (http.user_agent contains "python-requests") or (http.user_agent contains "crawl" and not cf.client.bot) or (http.user_agent contains "Crawl" and not cf.client.bot) or (http.user_agent contains "bot" and not http.user_agent contains "bingbot" and not http.user_agent contains "Google" and not http.user_agent contains "Twitter" and not cf.client.bot) or (http.user_agent contains "Bot" and not http.user_agent contains "Google" and not cf.client.bot) or (http.user_agent contains "Spider" and not cf.client.bot) or (http.user_agent contains "spider" and not cf.client.bot)

Action: Block

If you have any questions, leave a comment down below or submit a post on our community forums.

Until next time, ciao!