Cloudflare WAF – Login Protection

One of the most commonly attacked pieces of a WordPress install is the login page. Many people will “hide” it to no avail. Others will add math tests or third party logins.

As part of my standard deployment of a site I use a custom Cloudflare rule to protect my login page. With this rule I can eliminate almost all bot traffic to the wp-login.php, and with some minor tweaks even limit the login by country while not impacting the usability of the site for the normal user and even for the WooCommerce user.

To access this content, you must purchase Security Ninja Membership.