[Seeking Opinion] WAF Rule blocking php
Hi!
My website is in Astro so has nothing to do with any .php. When I look at my cache analytics I saw all these bots trying to access all kinds of .php endpoints.
So I added a WAF rule to block all .php requests. Is this a good idea? Are there better ways to do or what is standard practice?
Many thanks! Feel free to opinionate 🙂
2 Replies
cf will block known malicious requests targeting php applications. Unless you have a origin server or use a service that charges per usage (e.g paid workers) it won't really matter whether you block those requests
oh true, my bad
Thanks! But I also have the pro plan. Small price to pay for the awesomeness of Cloudflare 😄