Who Is Attacking Your Website: Wordfence image

Learning WordPress Security Threats with Wordfence & CloudFlare

Learning WordPress Security Threats with Wordfence & CloudFlare is aimed at security-conscious WordPress Administrators. It collates security threat data from Wordfence and WordPress. It provides suspicious ASN data for CloudFlare restrictions.

This page started as part of Learning Wordfence with CloudFlare. Originally, I tabulated all security data together for CloudFlare processing. Now, I’ve split the bad and suspicious IP addresses here, retaining good authorized user data in the original page.

WordPress Security Threat IP Address Data

Optional Wordfence emails provide data about attempted security breaches. Wordfence also records suspicious IP addresses that do not get reported in emails.

I’ve extended Wordfence Security Threat IP Address Data to include data outside Wordfence. I need to do this to collect all bad Internet Service Provider information in one place. This helps to make a more complete assessment when I decide how to restrict ASN firewall records in CloudFlare.

Who Is Attacking Your Website: Wordfence image

Who Is Attacking Your Website? Wordfence is just one of the tools you need.

Learning WordPress Security Threats

Currently, this page collates data on suspicious ASN Internet Service Providers. I will use it to generate CloudFlare restrictions for bad IP addresses and ASNs.

At the moment, it is a choice between updating CloudFlare with IP address restrictions as they arise. Or, waiting until bad ASNs are revealed, and processing CloudFlare just at the ASN level. I’m investigating the feasibility of a two-pronged CloudFlare update strategy:

  1. Whitelisting individual IP addresses from the ‘good guys’ list.
  2. Restricting ASN IP Address ranges from the ‘bad guys’ list.

Clearly, I need to collate IP addresses based on ASN records. Therefore, I will create intermediate ASN records to link Wordfence to CloudFlare. I may introduce some automation. But, I feel a buffer is necessary, rather than updating CloudFlare direct from Wordfence and/or WordPress.

Please leave your comments about Learning WordPress Security Threats below. If you want to ask about other aspects of Wordfence, CloudFlare, or anything else, please ask in the Internet Forum.

Leave a Reply