dawn whale
Hi!
My website is in Astro so has nothing to do with any .php. When I look at my cache analytics I saw all these bots trying to access all kinds of .php endpoints.
So I added a WAF rule to block all .php requests. Is this a good idea? Are there better ways to do or what is standard practice?
Many thanks! Feel free to opinionate 🙂
balmy fog
Hi!
My website is in Astro so has nothing to do with any .php. When I look at my...
cf will block known malicious requests targeting php applications. Unless you have a origin server or use a service that charges per usage (e.g paid workers) it won't really matter whether you block those requests
zealous gulch
cf will block known malicious requests targeting php applications
if you have the managed waf which requires pro plan*
but this is irrelevant here, since PHP isnt even being used
go ahead and block anything you want
balmy fog
>cf will block known malicious requests targeting php applications
if you have t...
oh true, my bad