Common Rules

NameTagFieldOperatorValueActionExpression Preview
Block xml-rpc Attacks
security
URI Path
equals
/xmlrpc.php
block
(http.request.uri.path contains "/xmlrpc.php")
Block Non-Local Logins
securitycountry
URI
contains
wp-login.php
and
Country
is not in
Canada
captcha
(http.request.uri contains "wp-login.php" and not ip.geoip.country in {"CA"})
User Agent
contains
ahrefs
or
User Agent
contains
opensite
or
User Agent
contains
dotbot
block
(http.user_agent contains "semrush") or (http.user_agent contains "ahrefs") or (http.user_agent contains "opensite") or (http.user_agent contains "dotbot")
Add Captcha to Important Pages
security
URI Path
contains
/xmlrpc.php
or
((http.request.uri.path contains "/xmlrpc.php") or (http.request.uri.path contains "/wp-login.php") or (http.request.uri.path contains "/wp-admin/" and not http.request.uri.path contains "/wp-admin/admin-ajax.php" and not http.request.uri.path contains " /wp-admin/theme-editor.php"))
UR Path
contains
/wp-login.php
or
UR Path
contains
/wp-admin/
and
UR Path
contains
/wp-admin/admin-ajax.php
and
UR Path
contains
/wp-admin/theme-editor.php
Captcha
Block Specific Countries
securitycountry
Country
equals
Russian Federation
or
Country
equals
Hong Kong
block
(ip.geoip.country eq "RU") or (ip.geoip.country eq "HK")
Block All Countries Except
securitycountry
Country
does not equal
United States
or
Country
does not equal
Canada
block
(ip.geoip.country ne "US") or (ip.geoip.country ne "CA")
Require Catpcha for Threat Score of 10
security
Threat Score
greater than
10
captcha
(cf.threat_score ge 10)
Block Threat Score greater than 20
security
Threat Score
greater than
20
block
(cf.threat_score ge 20)
Bloc SEO Crawlers
bots
User Agent
contains
semrush
or