Cloudflare can do some pretty nifty stuff to add some extra security to any sensitive pages, not just to WordPress. For this example though, we’ll be using WordPress.
On all my domains, I’ve setup a new page rule to give added security to the dashboard login pages. What this means is that anyone trying to use wp-login.php, instead of being served the page raw will instead go through a Cloudflare browser check first. Essentially it’s just checking if the traffic is legitimate before allowing it any further.
To set it up is pretty simple, all you have to do is login to Cloudflare, select the domain you want and click on the ‘page rules’ tab. From there, create new rule and set it up like so,
That’s pretty much all there is to it, if you’re using Cloudflare already there’s no reason not to be leveraging this extra protection.