Skip to content

Instantly share code, notes, and snippets.

@nadar

nadar/cloudflare-block-wp.md

Last active March 17, 2024 16:16
Show Gist options
  • Save nadar/44c47a894afb3013a34a9e527830fb6b to your computer and use it in GitHub Desktop.
Save nadar/44c47a894afb3013a34a9e527830fb6b to your computer and use it in GitHub Desktop.
Download ZIP
Cloudflare WAF Block Wordpress Requests
Raw
cloudflare-block-wp.md

The main purpose of this site is to block out requests which target on Wordpress Sites, BUT WE DONT USER WORDPRESS!

(http.request.uri contains "wp-login") or 
(http.request.uri contains "xmlrpc.php") or 
(http.request.uri contains "shell.php") or 
(http.request.uri contains "repeater.php") or 
(http.request.uri contains "wp-admin") or 
(http.request.uri contains "ccx") or 
(http.request.uri contains "wp-content") or 
(http.request.uri contains "wp-includes") or 
(http.request.uri contains "administrator") or 
(http.request.uri contains "install.php") or 
(http.request.uri contains "dropdown.php") or 
(http.request.uri contains "ajax") or 
(http.request.uri contains "login.php") or 
(http.request.uri contains "wlwmanifest") or 
(http.request.uri contains "installer.php") or 
(http.request.uri contains "wikindex") or 
(http.request.uri contains "config.php") or 
(http.request.uri contains "wp-class") or 
(http.request.uri contains "info.php") or 
(http.request.uri contains "wp-booking.php") or 
(http.request.uri contains "config.bak.php") or 
(http.request.uri contains "test.php") or 
(http.request.uri contains "larva.php") or 
(http.request.uri contains "boom.php") or 
(http.request.uri contains "admin.php") or 
(http.request.uri contains "application/config") or 
(http.request.uri contains "wp-plain.php") or 
(http.request.uri contains "wp-1ogin") or 
(http.request.uri contains "/shell") or 
(http.request.uri contains "simple.php") or 
(http.request.uri contains "adminer") or 
(http.request.uri contains "cong.php") or 
(http.request.uri contains "/includes/") or 
(http.request.uri contains "/wordpress") or 
(http.request.uri contains "tmp.php") or 
(http.request.uri contains "mini.php") or 
(http.request.uri contains "WSO.php") or 
(http.request.uri contains "cpanel.php") or 
(http.request.uri contains "sql.php") or 
(http.request.uri contains "gel4y.php") or 
(http.request.uri contains "filefuns.php") or 
(http.request.uri contains "wp-crons.php") or 
(http.request.uri contains "wp-configs.php") or 
(http.request.uri contains "post.php") or 
(http.request.uri contains "r3x.php") or 
(http.request.uri contains "app.php") or 
(http.request.uri contains "gecko.php") or 
(http.request.uri contains "fm.php") or 
(http.request.uri contains "web.php") or 
(http.request.uri contains "defaults.php") or 
(http.request.uri contains "index.php") or 
(http.request.uri contains "function.php") or 
(http.request.uri contains "wp-activate.php") or 
(http.request.uri contains "wp-l0gin.php") or 
(http.request.uri contains "worksec.php") or 
(http.request.uri contains "comdofuns.php") or 
(http.request.uri contains "inputs.php") or 
(http.request.uri contains "LA.php") or 
(http.request.uri contains "moon.php") or 
(http.request.uri contains "mah.php") or 
(http.request.uri contains "byp.php") or 
(http.request.uri contains "indeex.php") or 
(http.request.uri contains "index1.php") or 
(http.request.uri contains "css.php") or 
(http.request.uri contains "wp-links.php") or 
(http.request.uri contains "input.php") or 
(http.request.uri contains "moded.php") or 
(http.request.uri contains "autoload_classmap.php") or 
(http.request.uri contains "wp-2019.php") or 
(http.request.uri contains "cmd.php") or 
(http.request.uri contains "doc.php") or 
(http.request.uri contains "tinyimg.php") or 
(http.request.uri contains "ws.php") or 
(http.request.uri contains "x.php") or 
(http.request.uri contains "wp-links-opml.php") or 
(http.request.uri contains "radio.php") or 
(http.request.uri contains "wp-file.php") or 
(http.request.uri contains "style.php") or 
(http.request.uri contains "fw.php") or 
(http.request.uri contains "sx.php") or 
(http.request.uri contains "sidwso.php") or 
(http.request.uri contains "bussubmit.php") or 
(http.request.uri contains "jquery.php") or 
(http.request.uri contains "about.php") or 
(http.request.uri contains "cloud.php") or 
(http.request.uri contains "avaa.php") or 
(http.request.uri contains "updates.php") or 
(http.request.uri contains "alfanew.php") or 
(http.request.uri contains "wsoyanz.php") or 
(http.request.uri contains "yanz.php") or 
(http.request.uri contains "cache-compat.php") or 
(http.request.uri contains "wp-consar.php") or 
(http.request.uri contains "admin-post.php") or 
(http.request.uri contains "xmrlpc.php") or 
(http.request.uri contains "chosen.php")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment