a month ago
We are receiving requests that seems to be non relevant and to non existing endpoints. These requests seem to be related to a cmc WordPress. It makes troubles for us and make the system go down. We have tried ban their IPs but each time they come back with a different IP.
Here's a sample of the requests:
{
"requestId": "fQaXskf4SY2rD86pacI7Nw",
"timestamp": "2025-10-29T15:31:29.559383813Z",
"method": "GET",
"path": "/doc.php",
"host": "cbapro.ca",
"httpStatus": 404,
"upstreamProto": "HTTP/1.1",
"downstreamProto": "HTTP/2.0",
"responseDetails": "",
"totalDuration": 232,
"upstreamAddress": "http://[fd12:8ff0:7bf9:0:2000:59:7326:e60f]:8080",
"clientUa": "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36",
"upstreamRqDuration": 232,
"txBytes": 358,
"rxBytes": 766,
"srcIp": "162.158.190.9",
"edgeRegion": "asia-southeast1-eqsg3a",
"upstreamErrors": ""
}
2 Replies
a month ago
Hey there! We've found the following might help you get unblocked faster:
If you find the answer from one of these, please let us know by solving the thread!
a month ago
It seems like web crawlers/bots trying to see if there are any exploitable routes. One way to fix is to proxy the railway URL through Cloudflare to filter out/block these requests.