Support » Plugin: Wordfence Security - Firewall & Malware Scan » Block IPs with Cloudflare or Wordfence?

  • Resolved AeroStar

    (@jetxpert)


    Good Day!

    We couldn’t find an answer to the following question:

    Is it best to block IPs, User Agents, etc with Cloudflare or Wordfence? (or both).

    Please explain.

    Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @jetxpert,

    If you do wish to incorporate a manual blocking plan, it’s important to note that Cloudflare will catch requests before they hit your site and Wordfence is an endpoint firewall that will (when optimized) run before the visible site is served but has already made it through Cloudflare to request the page data. You can then make a decision on the level at which you’d like to put blocks in place based on ease of management from your own perspective. Note that user agent rules on Cloudflare are restricted in number based on your plan type.

    Our general advice is that Cloudflare and Wordfence will be doing all of the important blocking for you automatically based on patterns and data, so you don’t have to. A planned manual IP blocking plan is generally an ineffective strategy and takes up your time, so please consult the following links before deciding on what you do going forward:

    https://www.wordfence.com/blog/2017/11/should-permantly-block-ips/

    https://www.wordfence.com/help/blocking/#ip-address

    Thanks,

    Peter.

    Thread Starter AeroStar

    (@jetxpert)

    Hi Peter,

    As always, excellent reply. Very helpful. Thank you.

    Yes, we agree. We need to let Cloudflare and Wordfence do their job and not implement an all-out manual blocking plan. If we did, it would be a full-time job.

    On the other hand, there are benefits to studying attack patterns (i.e., threats) that only affect a particular website and manually block those threats (and bad bots) not yet captured by Cloudflare nor Wordfence.

    For example, SeznamBot refuses to respect our robots.txt directives so we have blocked them with Cloudflare (not Wordfence). Amazingly, SeznamBot is quite “smart” and has increased its crawling rate of our website due to our block. So, as a side note, we highly recommend Wordfence remove SeznamBot from its “Allowedlisted Services” list and use the bot as an example to improve Wordfence’s WAF.

    In short, based on your answer and our research, we block bad IPs, user agents, bots, etc using Cloudflare — and only when our robots.txt directives are not respected or unique threats are identified.

    Again, thank you!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Block IPs with Cloudflare or Wordfence?’ is closed to new replies.