{"id":3412,"date":"2025-12-26T17:04:24","date_gmt":"2025-12-26T14:04:24","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/cloudflare-guvenlik-ayarlari-rehberi-kucuk-isletme-siteleri-icin-waf-rate-limit-ve-bot-korumasi\/"},"modified":"2025-12-26T17:04:24","modified_gmt":"2025-12-26T14:04:24","slug":"cloudflare-guvenlik-ayarlari-rehberi-kucuk-isletme-siteleri-icin-waf-rate-limit-ve-bot-korumasi","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/cloudflare-guvenlik-ayarlari-rehberi-kucuk-isletme-siteleri-icin-waf-rate-limit-ve-bot-korumasi\/","title":{"rendered":"Cloudflare G\u00fcvenlik Ayarlar\u0131 Rehberi: K\u00fc\u00e7\u00fck \u0130\u015fletme Siteleri \u0130\u00e7in WAF, Rate Limit ve Bot Korumas\u0131"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Kucuk_Isletmeler_Icin_Cloudflare_Guvenliginin_Neden_Kritik_Oldugunu_Netlestirelim\"><span class=\"toc_number toc_depth_1\">1<\/span> K\u00fc\u00e7\u00fck \u0130\u015fletmeler \u0130\u00e7in Cloudflare G\u00fcvenli\u011finin Neden Kritik Oldu\u011funu Netle\u015ftirelim<\/a><\/li><li><a href=\"#Cloudflare_Guvenlik_Mimarisi_DCHost_Sunucunuzun_Onundeki_Akilli_Katman\"><span class=\"toc_number toc_depth_1\">2<\/span> Cloudflare G\u00fcvenlik Mimarisi: DCHost Sunucunuzun \u00d6n\u00fcndeki Ak\u0131ll\u0131 Katman<\/a><ul><li><a href=\"#Cloudflare_DNS_ve_Proxy_Turuncu_Bulut_Mantigi\"><span class=\"toc_number toc_depth_2\">2.1<\/span> Cloudflare DNS ve Proxy (Turuncu Bulut) Mant\u0131\u011f\u0131<\/a><\/li><li><a href=\"#Cloudflare_DCHost_Altyapisini_Birlikte_Dusunmek\"><span class=\"toc_number toc_depth_2\">2.2<\/span> Cloudflare + DCHost Altyap\u0131s\u0131n\u0131 Birlikte D\u00fc\u015f\u00fcnmek<\/a><\/li><\/ul><\/li><li><a href=\"#Cloudflare_WAF_Ayarlari_Kucuk_Isletmeler_Icin_Pratik_Profil\"><span class=\"toc_number toc_depth_1\">3<\/span> Cloudflare WAF Ayarlar\u0131: K\u00fc\u00e7\u00fck \u0130\u015fletmeler \u0130\u00e7in Pratik Profil<\/a><ul><li><a href=\"#Managed_Rulesets_ile_Hizli_Baslangic\"><span class=\"toc_number toc_depth_2\">3.1<\/span> Managed Rulesets ile H\u0131zl\u0131 Ba\u015flang\u0131\u00e7<\/a><\/li><li><a href=\"#WordPress_ve_WooCommerce_Icin_Tipik_WAF_Kurallari\"><span class=\"toc_number toc_depth_2\">3.2<\/span> WordPress ve WooCommerce \u0130\u00e7in Tipik WAF Kurallar\u0131<\/a><\/li><li><a href=\"#False_Positiveler_Yanlis_Pozitifleri_Yonetmek\"><span class=\"toc_number toc_depth_2\">3.3<\/span> False Positive\u2019ler: Yanl\u0131\u015f Pozitifleri Y\u00f6netmek<\/a><\/li><li><a href=\"#Ulke_Bazli_Engelleme_ve_Jeo-Filtreleme\"><span class=\"toc_number toc_depth_2\">3.4<\/span> \u00dclke Bazl\u0131 Engelleme ve Jeo-Filtreleme<\/a><\/li><\/ul><\/li><li><a href=\"#Rate_Limiting_Login_Arama_ve_API_Uclarini_Sakinlestirmek\"><span class=\"toc_number toc_depth_1\">4<\/span> Rate Limiting: Login, Arama ve API U\u00e7lar\u0131n\u0131 Sakinle\u015ftirmek<\/a><ul><li><a href=\"#Hangi_Endpointlere_Rate_Limit_Koymali\"><span class=\"toc_number toc_depth_2\">4.1<\/span> Hangi Endpoint\u2019lere Rate Limit Koymal\u0131?<\/a><\/li><li><a href=\"#Gercekci_Rate_Limit_Esik_Degerleri\"><span class=\"toc_number toc_depth_2\">4.2<\/span> Ger\u00e7ek\u00e7i Rate Limit E\u015fik De\u011ferleri<\/a><\/li><\/ul><\/li><li><a href=\"#Bot_Korumasi_Iyi_Botu_Oldurmeden_Kotu_Botu_Disarida_Birakmak\"><span class=\"toc_number toc_depth_1\">5<\/span> Bot Korumas\u0131: \u0130yi Botu \u00d6ld\u00fcrmeden K\u00f6t\u00fc Botu D\u0131\u015far\u0131da B\u0131rakmak<\/a><ul><li><a href=\"#Bot_Fight_Mode_ve_Dikkat_Etmeniz_Gerekenler\"><span class=\"toc_number toc_depth_2\">5.1<\/span> Bot Fight Mode ve Dikkat Etmeniz Gerekenler<\/a><\/li><li><a href=\"#Bot_Skoru_ile_Ince_Ayarli_Firewall_Kurallari\"><span class=\"toc_number toc_depth_2\">5.2<\/span> Bot Skoru ile \u0130nce Ayarl\u0131 Firewall Kurallar\u0131<\/a><\/li><li><a href=\"#Iyi_Botlari_SEO_Analiz_vb_Korumak\"><span class=\"toc_number toc_depth_2\">5.3<\/span> \u0130yi Botlar\u0131 (SEO, Analiz vb.) Korumak<\/a><\/li><\/ul><\/li><li><a href=\"#Cloudflare_Guvenlik_Ayarlarini_Test_Etme_Izleme_ve_Loglama\"><span class=\"toc_number toc_depth_1\">6<\/span> Cloudflare G\u00fcvenlik Ayarlar\u0131n\u0131 Test Etme, \u0130zleme ve Loglama<\/a><ul><li><a href=\"#Firewall_Events_ve_Security_Analyticsi_Takip_Etmek\"><span class=\"toc_number toc_depth_2\">6.1<\/span> Firewall Events ve Security Analytics\u2019i Takip Etmek<\/a><\/li><li><a href=\"#Sunucu_Loglari_ile_Birlikte_Yorumlamak\"><span class=\"toc_number toc_depth_2\">6.2<\/span> Sunucu Loglar\u0131 ile Birlikte Yorumlamak<\/a><\/li><li><a href=\"#Test_Ortami_Staging_ve_Kademeli_Yayina_Alma\"><span class=\"toc_number toc_depth_2\">6.3<\/span> Test Ortam\u0131, Staging ve Kademeli Yay\u0131na Alma<\/a><\/li><\/ul><\/li><li><a href=\"#Kucuk_Isletmeler_Icin_Onerilen_Cloudflare_Guvenlik_Check-listi\"><span class=\"toc_number toc_depth_1\">7<\/span> K\u00fc\u00e7\u00fck \u0130\u015fletmeler \u0130\u00e7in \u00d6nerilen Cloudflare G\u00fcvenlik Check-list\u2019i<\/a><\/li><li><a href=\"#Sonuc_DCHost_Cloudflare_ile_Dengeli_Guvenli_ve_Hizli_Mimari\"><span class=\"toc_number toc_depth_1\">8<\/span> Sonu\u00e7: DCHost + Cloudflare ile Dengeli, G\u00fcvenli ve H\u0131zl\u0131 Mimari<\/a><\/li><\/ul><\/div>\n<h2><span id=\"Kucuk_Isletmeler_Icin_Cloudflare_Guvenliginin_Neden_Kritik_Oldugunu_Netlestirelim\">K\u00fc\u00e7\u00fck \u0130\u015fletmeler \u0130\u00e7in Cloudflare G\u00fcvenli\u011finin Neden Kritik Oldu\u011funu Netle\u015ftirelim<\/span><\/h2>\n<p>K\u00fc\u00e7\u00fck i\u015fletme siteleri \u00fczerinde \u00e7al\u0131\u015f\u0131rken en s\u0131k g\u00f6rd\u00fc\u011f\u00fcm\u00fcz hata, g\u00fcvenli\u011fin yaln\u0131zca \u201cg\u00fc\u00e7l\u00fc \u015fifre ve <a href=\"https:\/\/www.dchost.com\/tr\/ssl\">SSL sertifikas\u0131<\/a>\u201d ile s\u0131n\u0131rl\u0131 san\u0131lmas\u0131. Oysa sald\u0131r\u0131 trafi\u011fi ile ger\u00e7ek ziyaret\u00e7i trafi\u011fi art\u0131k i\u00e7 i\u00e7e ge\u00e7mi\u015f durumda: form dolduran, giri\u015f yapmaya \u00e7al\u0131\u015fan, arama yapan ya da \u00fcr\u00fcn g\u00f6r\u00fcnt\u00fcleyen her iste\u011fin yan\u0131nda; zafiyet tarayan botlar, brute-force sald\u0131r\u0131lar ve scraping botlar\u0131 da ayn\u0131 IP havuzlar\u0131ndan gelebiliyor. \u0130\u015fte tam bu noktada Cloudflare gibi bir reverse proxy ve g\u00fcvenlik katman\u0131, DCHost \u00fczerindeki sunucunuz ile d\u0131\u015f d\u00fcnya aras\u0131nda ak\u0131ll\u0131 bir filtre g\u00f6revi g\u00f6r\u00fcyor.<\/p>\n<p>Cloudflare\u2019\u0131n sundu\u011fu <strong>WAF (Web Application Firewall)<\/strong>, <strong>rate limiting (oran s\u0131n\u0131rlama)<\/strong> ve <strong>bot korumas\u0131<\/strong> \u00f6zellikleri, k\u00fc\u00e7\u00fck i\u015fletme sitelerinde genellikle az birka\u00e7 t\u0131klamayla etkinle\u015ftirilebilecek kadar pratik; ama do\u011fru kurgulanmad\u0131\u011f\u0131nda ger\u00e7ek m\u00fc\u015fterileri engelleyebilecek kadar da g\u00fc\u00e7l\u00fcd\u00fcr. Bu rehberde amac\u0131m\u0131z, DCHost altyap\u0131s\u0131 \u00fczerinde \u00e7al\u0131\u015fan sitenizi Cloudflare\u2019\u0131n bu \u00fc\u00e7 ana \u00f6zelli\u011fi ile nas\u0131l dengeli, performansl\u0131 ve g\u00fcvenli bir noktaya ta\u015f\u0131yabilece\u011finizi ad\u0131m ad\u0131m g\u00f6stermektir. \u00d6zellikle WordPress, WooCommerce, k\u00fc\u00e7\u00fck SaaS panelleri ve kurumsal siteler i\u00e7in ger\u00e7ek\u00e7i e\u015fik de\u011ferleri, kural \u00f6rnekleri ve sahadan deneyimlenmi\u015f ayar \u00f6nerileri payla\u015faca\u011f\u0131z.<\/p>\n<h2><span id=\"Cloudflare_Guvenlik_Mimarisi_DCHost_Sunucunuzun_Onundeki_Akilli_Katman\">Cloudflare G\u00fcvenlik Mimarisi: DCHost Sunucunuzun \u00d6n\u00fcndeki Ak\u0131ll\u0131 Katman<\/span><\/h2>\n<p>\u00d6nce mimariyi kafada netle\u015ftirelim. DCHost\u2019ta bar\u0131nd\u0131r\u0131lan web siteniz normalde do\u011frudan ziyaret\u00e7iye cevap verir. Cloudflare\u2019\u0131 devreye ald\u0131\u011f\u0131n\u0131zda ise ak\u0131\u015f \u015fu \u015fekilde de\u011fi\u015fir:<\/p>\n<ul>\n<li>Ziyaret\u00e7i DNS \u00fczerinden alan ad\u0131n\u0131z\u0131 \u00e7\u00f6zer ve Cloudflare\u2019\u0131n IP\u2019lerine ula\u015f\u0131r.<\/li>\n<li>Cloudflare; WAF, bot korumas\u0131, rate limit ve cache kurallar\u0131n\u0131 uygular.<\/li>\n<li>\u0130zin verilen, filtrelenmi\u015f istekler DCHost \u00fczerindeki origin sunucunuza iletilir.<\/li>\n<li>Sunucudan d\u00f6nen yan\u0131t tekrar Cloudflare \u00fczerinden ge\u00e7erek son kullan\u0131c\u0131ya ula\u015f\u0131r.<\/li>\n<\/ul>\n<p>Bu modelin iki somut avantaj\u0131 var: Birincisi, sald\u0131r\u0131lar\u0131n b\u00fcy\u00fck k\u0131sm\u0131 daha DCHost sunucunuza dokunmadan Cloudflare katman\u0131nda durdurulur. \u0130kincisi, g\u00fcvenli\u011fi geli\u015ftirirken sunucunuz \u00fczerinde karma\u015f\u0131k yaz\u0131l\u0131m de\u011fi\u015fiklikleri yapmak yerine, \u00f6nemli bir k\u0131sm\u0131 Cloudflare panelinden y\u00f6netilebilir hale gelir.<\/p>\n<h3><span id=\"Cloudflare_DNS_ve_Proxy_Turuncu_Bulut_Mantigi\">Cloudflare DNS ve Proxy (Turuncu Bulut) Mant\u0131\u011f\u0131<\/span><\/h3>\n<p>Cloudflare kullan\u0131rken DNS kay\u0131tlar\u0131n\u0131zda iki mod vard\u0131r:<\/p>\n<ul>\n<li><strong>Proxy a\u00e7\u0131k (turuncu bulut):<\/strong> Trafik Cloudflare \u00fczerinden ge\u00e7er, WAF ve di\u011fer g\u00fcvenlik \u00f6zellikleri uygulan\u0131r.<\/li>\n<li><strong>Sadece DNS (gri bulut):<\/strong> Cloudflare sadece DNS \u00e7\u00f6z\u00fcmlemesi yapar, g\u00fcvenlik katman\u0131 devrede de\u011fildir.<\/li>\n<\/ul>\n<p>Web sitenizi korumak istiyorsan\u0131z, en az\u0131ndan HTTP(S) trafi\u011fi i\u00e7in A\/AAAA ve CNAME kay\u0131tlar\u0131n\u0131z\u0131n turuncu bulut modunda olmas\u0131 gerekir. Hangi senaryoda Cloudflare DNS\u2019ini birincil, hangi senaryoda hosting DNS\u2019ini kullanman\u0131z gerekti\u011fini daha detayl\u0131 anlamak i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/cloudflare-dns-mi-hosting-dnsi-mi-en-dogru-nameserver-stratejisi\/\">Cloudflare DNS mi, hosting DNS\u2019i mi tercih etmeniz gerekti\u011fini anlatt\u0131\u011f\u0131m\u0131z rehbere<\/a> de bakman\u0131z\u0131 \u00f6neririz.<\/p>\n<h3><span id=\"Cloudflare_DCHost_Altyapisini_Birlikte_Dusunmek\">Cloudflare + DCHost Altyap\u0131s\u0131n\u0131 Birlikte D\u00fc\u015f\u00fcnmek<\/span><\/h3>\n<p>DCHost taraf\u0131nda <a href=\"https:\/\/www.dchost.com\/tr\/web-hosting\">payla\u015f\u0131ml\u0131 hosting<\/a>, VPS veya <a href=\"https:\/\/www.dchost.com\/tr\/fiziksel-sunucu\">dedicated sunucu<\/a> kullan\u0131yor olabilirsiniz; Cloudflare bu katman\u0131n \u00f6n\u00fcnde duran esnek bir g\u00fcvenlik ve performans perdesi gibi davran\u0131r. Bizim \u00f6nerimiz:<\/p>\n<ul>\n<li><strong>Sunucu taraf\u0131nda<\/strong> temel g\u00fcvenlik duvar\u0131, g\u00fcncellemeler, PHP ve web sunucu sertle\u015ftirmesini uygulamak.<\/li>\n<li><strong>Cloudflare taraf\u0131nda<\/strong> ise WAF, bot korumas\u0131, rate limit, HTTP\/2\u2013HTTP\/3 ve cache politikalar\u0131n\u0131 ayarlamak.<\/li>\n<\/ul>\n<p>B\u00f6ylece hem DCHost sunucunuz sald\u0131r\u0131lara kar\u015f\u0131 daha az y\u00fck alt\u0131nda kal\u0131r hem de ger\u00e7ek kullan\u0131c\u0131lar, Cloudflare\u2019\u0131n global a\u011f\u0131 sayesinde daha h\u0131zl\u0131 bir deneyim ya\u015far.<\/p>\n<h2><span id=\"Cloudflare_WAF_Ayarlari_Kucuk_Isletmeler_Icin_Pratik_Profil\">Cloudflare WAF Ayarlar\u0131: K\u00fc\u00e7\u00fck \u0130\u015fletmeler \u0130\u00e7in Pratik Profil<\/span><\/h2>\n<p>Cloudflare WAF, web uygulaman\u0131za gelen istekleri analiz ederek SQL injection, XSS, LFI\/RFI gibi klasik web sald\u0131r\u0131lar\u0131n\u0131 otomatik olarak engelleyen bir katmand\u0131r. WAF konusuna ilk defa giriyorsan\u0131z, kavramsal arka plan i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/web-uygulama-guvenlik-duvari-waf-nedir-cloudflare-waf-ve-modsecurity-ile-web-sitesi-koruma-rehberi\/\">web uygulama g\u00fcvenlik duvar\u0131 (WAF) nedir ve Cloudflare WAF ile ModSecurity kar\u015f\u0131la\u015ft\u0131rmas\u0131n\u0131 anlatt\u0131\u011f\u0131m\u0131z yaz\u0131ya<\/a> da g\u00f6z atabilirsiniz.<\/p>\n<h3><span id=\"Managed_Rulesets_ile_Hizli_Baslangic\">Managed Rulesets ile H\u0131zl\u0131 Ba\u015flang\u0131\u00e7<\/span><\/h3>\n<p>Cloudflare panelinde <strong>Security \u2192 WAF \u2192 Managed rules<\/strong> b\u00f6l\u00fcm\u00fcne girdi\u011finizde, Cloudflare taraf\u0131ndan y\u00f6netilen haz\u0131r kurallar g\u00f6receksiniz. K\u00fc\u00e7\u00fck i\u015fletme siteleri i\u00e7in \u00f6nerilen temel ad\u0131mlar:<\/p>\n<ol>\n<li><strong>Cloudflare Managed Rules<\/strong> setini etkinle\u015ftirin.<\/li>\n<li>Varsay\u0131lan mod genellikle <strong>Block<\/strong> ya da <strong>Challenge<\/strong> olarak gelir; ba\u015flang\u0131\u00e7 i\u00e7in <strong>Block<\/strong> uygundur.<\/li>\n<li>Uygulama t\u00fcr\u00fcn\u00fcze g\u00f6re (WordPress, PHP, API) ilgili ek ruleset\u2019leri de aktif edin.<\/li>\n<\/ol>\n<p>Bu managed kurallar, OWASP Top 10 kategorisindeki bir\u00e7ok sald\u0131r\u0131y\u0131 otomatik olarak engeller. \u00d6zellikle WordPress ve WooCommerce sitelerde, bilinen zafiyet vekt\u00f6rlerine y\u00f6nelik imzalar sayesinde eski eklentilerinizdeki a\u00e7\u0131klara kar\u015f\u0131 ek bir kalkan olu\u015fturur.<\/p>\n<h3><span id=\"WordPress_ve_WooCommerce_Icin_Tipik_WAF_Kurallari\">WordPress ve WooCommerce \u0130\u00e7in Tipik WAF Kurallar\u0131<\/span><\/h3>\n<p>K\u00fc\u00e7\u00fck i\u015fletme sitelerinin \u00f6nemli bir k\u0131sm\u0131 WordPress ve WooCommerce kullan\u0131yor. Cloudflare WAF ile bu t\u00fcr sitelerde uygulad\u0131\u011f\u0131m\u0131z tipik kurallar \u015funlar:<\/p>\n<ul>\n<li><strong>wp-login.php<\/strong> ve <strong>xmlrpc.php<\/strong> isteklerini daha s\u0131k\u0131 denetlemek, gerekirse \u00fclke\/IP bazl\u0131 k\u0131s\u0131tlamak.<\/li>\n<li>wp-admin dizinine gelen anonim (oturumsuz) istekleri challenge\u2019a almak.<\/li>\n<li>\u015e\u00fcpheli user-agent\u2019lardan gelen istekleri engellemek veya JS challenge uygulamak.<\/li>\n<\/ul>\n<p>Bu konuyu \u00f6zellikle WordPress ekseninde ayr\u0131nt\u0131l\u0131 anlatt\u0131\u011f\u0131m\u0131z <a href=\"https:\/\/www.dchost.com\/blog\/cloudflare-waf-kurallari-ve-oran-sinirlama-ile-wordpressi-botlardan-nasil-korursun\/\">Cloudflare WAF kurallar\u0131 ve oran s\u0131n\u0131rlama ile WordPress\u2019i botlardan koruma rehberinde<\/a> ger\u00e7ek kural \u00f6rnekleriyle g\u00f6rebilirsiniz. Ayn\u0131 mant\u0131\u011f\u0131 kurumsal panel, SaaS uygulamas\u0131 veya \u00f6zel yaz\u0131l\u0131m\u0131n\u0131zda da login, profil, \u00f6deme gibi kritik u\u00e7 noktalara uyarlayabilirsiniz.<\/p>\n<h3><span id=\"False_Positiveler_Yanlis_Pozitifleri_Yonetmek\">False Positive\u2019ler: Yanl\u0131\u015f Pozitifleri Y\u00f6netmek<\/span><\/h3>\n<p>Her WAF\u2019ta oldu\u011fu gibi, Cloudflare WAF\u2019\u0131n da zaman zaman \u201cyanl\u0131\u015f pozitif\u201d \u00fcretmesi (yani asl\u0131nda zararl\u0131 olmayan bir iste\u011fi \u015f\u00fcpheli g\u00f6rmesi) m\u00fcmk\u00fcnd\u00fcr. K\u00fc\u00e7\u00fck i\u015fletme sitelerinde s\u0131k g\u00f6rd\u00fc\u011f\u00fcm\u00fcz yanl\u0131\u015f pozitif \u00f6rnekleri:<\/p>\n<ul>\n<li>Y\u00f6netim panelinde SQL benzeri sorgu parametreleri kullanan raporlama ekranlar\u0131.<\/li>\n<li>URL parametresinde \u201cselect, union, insert\u201d gibi kelimeler ge\u00e7en sa\u011fl\u0131kl\u0131 istekler.<\/li>\n<li>Geli\u015ftirici ara\u00e7lar\u0131yla test edilen API u\u00e7lar\u0131.<\/li>\n<\/ul>\n<p>Bu durumda yap\u0131lmas\u0131 gereken, ilgili kural\u0131 tamamen kapatmak de\u011fil, <strong>istisna (exception)<\/strong> tan\u0131mlamakt\u0131r. \u00d6rne\u011fin belirli bir URL yolu i\u00e7in (\u00f6rne\u011fin <code>\/admin\/reports<\/code>) veya belirli bir kaynaktan (\u00f6rne\u011fin ofis IP blo\u011funuz) gelen istekler i\u00e7in bir WAF kural\u0131n\u0131n devre d\u0131\u015f\u0131 b\u0131rak\u0131lmas\u0131n\u0131 sa\u011flayabilirsiniz. B\u00f6ylece g\u00fcvenlik seviyesini t\u00fcm site i\u00e7in d\u00fc\u015f\u00fcrmeden; sadece sorun \u00e7\u0131karan u\u00e7 noktay\u0131 \u201cbeyaz listeye\u201d alm\u0131\u015f olursunuz.<\/p>\n<h3><span id=\"Ulke_Bazli_Engelleme_ve_Jeo-Filtreleme\">\u00dclke Bazl\u0131 Engelleme ve Jeo-Filtreleme<\/span><\/h3>\n<p>E\u011fer i\u015fletmeniz sadece T\u00fcrkiye pazar\u0131na hizmet veriyor ve yurt d\u0131\u015f\u0131 trafi\u011finin neredeyse tamam\u0131 zararl\u0131 veya spam olarak g\u00f6r\u00fcn\u00fcyorsa, \u00fclke bazl\u0131 kurallar ciddi anlamda rahatlat\u0131c\u0131 olabilir. Cloudflare WAF ve firewall kurallar\u0131nda:<\/p>\n<ul>\n<li>Belirli \u00fclkelerden gelen isteklere <strong>Block<\/strong> (engelleme)<\/li>\n<li>Daha az g\u00fcvenilir \u00fclkelerden gelen isteklere <strong>JS Challenge<\/strong> (JavaScript do\u011frulamas\u0131)<\/li>\n<li>Y\u00f6netim paneli i\u00e7in sadece belirli \u00fclkeleri <strong>Allow<\/strong> (izin ver)<\/li>\n<\/ul>\n<p>gibi senaryolar kurabilirsiniz. \u00d6rne\u011fin yaln\u0131zca T\u00fcrkiye\u2019den eri\u015filmesini istedi\u011finiz bir y\u00f6netim paneli i\u00e7in, firewall kural\u0131nda <code>(http.request.uri.path contains \"\/wp-admin\" and ip.geoip.country ne \"TR\")<\/code> gibi bir ko\u015fulla yurt d\u0131\u015f\u0131n\u0131 tamamen engellemek m\u00fcmk\u00fcn.<\/p>\n<h2><span id=\"Rate_Limiting_Login_Arama_ve_API_Uclarini_Sakinlestirmek\">Rate Limiting: Login, Arama ve API U\u00e7lar\u0131n\u0131 Sakinle\u015ftirmek<\/span><\/h2>\n<p><strong>Rate limiting<\/strong>, belirli bir s\u00fcre aral\u0131\u011f\u0131nda bir IP\u2019nin ka\u00e7 istekte bulunabilece\u011fini s\u0131n\u0131rlayarak brute-force, scraping ve basit DDoS denemelerini t\u00f6rp\u00fcleyen g\u00fc\u00e7l\u00fc bir mekanizmad\u0131r. K\u00fc\u00e7\u00fck i\u015fletme sitelerinde en b\u00fcy\u00fck fark\u0131 genellikle \u00fc\u00e7 yerde g\u00f6r\u00fcr\u00fcz:<\/p>\n<ul>\n<li>Giri\u015f (login) sayfalar\u0131<\/li>\n<li>Arama kutular\u0131 ve filtreleme sorgular\u0131<\/li>\n<li>API u\u00e7 noktalar\u0131 (mobil uygulama, entegrasyonlar vb.)<\/li>\n<\/ul>\n<h3><span id=\"Hangi_Endpointlere_Rate_Limit_Koymali\">Hangi Endpoint\u2019lere Rate Limit Koymal\u0131?<\/span><\/h3>\n<p>Her endpoint\u2019e rate limit koymak mant\u0131kl\u0131 de\u011fildir; \u00e7\u00fcnk\u00fc sayfa g\u00f6r\u00fcnt\u00fclemeleri ve statik i\u00e7eriklerde fazla s\u0131k\u0131 limitler ger\u00e7ek kullan\u0131c\u0131lar\u0131 rahats\u0131z eder. Bizim saha deneyimimize g\u00f6re en verimli kullan\u0131m alanlar\u0131:<\/p>\n<ul>\n<li><strong>Login URL\u2019leri:<\/strong> <code>\/wp-login.php<\/code>, <code>\/login<\/code>, <code>\/account\/login<\/code> vb.<\/li>\n<li><strong>Yo\u011fun sorgu \u00fcreten arama URL\u2019leri:<\/strong> <code>\/search<\/code>, <code>\/?s=<\/code>, geli\u015fmi\u015f filtreleme sayfalar\u0131.<\/li>\n<li><strong>Kritik API\u2019ler:<\/strong> \u00f6deme, sepet i\u015flemleri, stok\/\u00fcr\u00fcn detay sorgular\u0131.<\/li>\n<\/ul>\n<p>Statik dosyalara (CSS, JS, g\u00f6rseller) ya da t\u00fcm site geneline \u00e7ok d\u00fc\u015f\u00fck limitler koymak, \u00f6zellikle kampanya d\u00f6nemlerinde ve mobil kullan\u0131c\u0131 trafi\u011finde gereksiz hata sayfalar\u0131na yol a\u00e7abilir.<\/p>\n<h3><span id=\"Gercekci_Rate_Limit_Esik_Degerleri\">Ger\u00e7ek\u00e7i Rate Limit E\u015fik De\u011ferleri<\/span><\/h3>\n<p>Cloudflare panelinde <strong>Security \u2192 WAF \u2192 Rate limiting rules<\/strong> b\u00f6l\u00fcm\u00fcnden yeni bir kural eklerken \u015fu alanlarla kar\u015f\u0131la\u015f\u0131rs\u0131n\u0131z:<\/p>\n<ul>\n<li><strong>URL veya desen:<\/strong> \u00d6rne\u011fin <code>\/wp-login.php*<\/code> veya <code>\/search*<\/code>.<\/li>\n<li><strong>E\u015fik:<\/strong> Belirli bir s\u00fcre i\u00e7inde izin verilen maksimum istek say\u0131s\u0131.<\/li>\n<li><strong>S\u00fcre:<\/strong> E\u015fik de\u011ferinin \u00f6l\u00e7\u00fcld\u00fc\u011f\u00fc zaman aral\u0131\u011f\u0131 (saniye cinsinden).<\/li>\n<li><strong>Eylem:<\/strong> Block, Challenge (CAPTCHA veya JS), Log vb.<\/li>\n<\/ul>\n<p>K\u00fc\u00e7\u00fck i\u015fletme siteleri i\u00e7in pratik \u00f6rnekler:<\/p>\n<ul>\n<li><strong>Login sayfas\u0131:<\/strong> 30 saniyede 5 iste\u011fi a\u015fan IP\u2019leri 5 dakika <strong>JS Challenge<\/strong> ile s\u0131n\u0131rla.<\/li>\n<li><strong>Arama sayfas\u0131:<\/strong> 60 saniyede 30\u2019dan fazla arama iste\u011fi yapan IP\u2019leri 1 dakika <strong>Block<\/strong> et.<\/li>\n<li><strong>API oku i\u015flemleri:<\/strong> 10 saniyede 50 iste\u011fi ge\u00e7en IP\u2019leri 1 dakika <strong>Challenge<\/strong>.<\/li>\n<\/ul>\n<p>Bu de\u011ferler elbette sitenizin trafi\u011fine g\u00f6re de\u011fi\u015fir. \u0130yi bir yakla\u015f\u0131m, \u00f6nce eylemi <strong>Log<\/strong> veya <strong>Simulate<\/strong> (sadece izleme) modunda \u00e7al\u0131\u015ft\u0131r\u0131p, ger\u00e7ek kullan\u0131c\u0131 trafi\u011fini g\u00f6zlemledikten sonra Block\/Challenge\u2019a ge\u00e7mektir. \u00d6zellikle y\u00fcksek trafikli kampanya d\u00f6nemlerinde limitleri bir miktar esnetmeniz gerekebilir.<\/p>\n<h2><span id=\"Bot_Korumasi_Iyi_Botu_Oldurmeden_Kotu_Botu_Disarida_Birakmak\">Bot Korumas\u0131: \u0130yi Botu \u00d6ld\u00fcrmeden K\u00f6t\u00fc Botu D\u0131\u015far\u0131da B\u0131rakmak<\/span><\/h2>\n<p>Cloudflare\u2019\u0131n bot koruma \u00f6zellikleri, kaba kuvvet brute-force sald\u0131r\u0131lar\u0131ndan daha ince ayarl\u0131 tehditlerle de ba\u015fa \u00e7\u0131kman\u0131z\u0131 sa\u011flar: fiyat\/\u00fcr\u00fcn scraping\u2019i yapan botlar, spam yorum g\u00f6nderen script\u2019ler, otomatik hesap a\u00e7ma denemeleri gibi. Burada kritik nokta, arama motoru botlar\u0131 gibi <strong>iyi botlar\u0131<\/strong> rahats\u0131z etmeden <strong>k\u00f6t\u00fc botlar\u0131<\/strong> filtreleyebilmektir.<\/p>\n<h3><span id=\"Bot_Fight_Mode_ve_Dikkat_Etmeniz_Gerekenler\">Bot Fight Mode ve Dikkat Etmeniz Gerekenler<\/span><\/h3>\n<p>Cloudflare panelinde <strong>Security \u2192 Bots<\/strong> b\u00f6l\u00fcm\u00fcnde g\u00f6rece\u011finiz <strong>Bot Fight Mode<\/strong>, basit ama etkili bir ba\u015flang\u0131\u00e7t\u0131r. Etkinle\u015ftirildi\u011finde, bilinen k\u00f6t\u00fc bot ve taray\u0131c\u0131 d\u0131\u015f\u0131 istemcilere kar\u015f\u0131 ek kontroller uygular. K\u00fc\u00e7\u00fck i\u015fletme sitelerinde s\u0131k g\u00f6rd\u00fc\u011f\u00fcm\u00fcz etki alanlar\u0131:<\/p>\n<ul>\n<li>Brute-force deneyen basit script\u2019ler ciddi oranda azal\u0131r.<\/li>\n<li>Ucuz scraping botlar\u0131n\u0131n bir k\u0131sm\u0131 daha sayfa y\u00fcklenmeden engellenir.<\/li>\n<li>\u015e\u00fcpheli user-agent\u2019lar ve garip taray\u0131c\u0131 profilleri JS challenge ile s\u0131nan\u0131r.<\/li>\n<\/ul>\n<p>Ancak \u00e7ok kapsaml\u0131 entegrasyonlar\u0131n\u0131z (\u00f6rne\u011fin \u00f6zel mobil uygulama, B2B API m\u00fc\u015fterileri, \u00fc\u00e7\u00fcnc\u00fc parti entegrasyonlar) varsa, Bot Fight Mode\u2019un bu istekleri yanl\u0131\u015fl\u0131kla zorlamad\u0131\u011f\u0131ndan emin olmak i\u00e7in bir s\u00fcre <strong>Firewall Events<\/strong> ekran\u0131n\u0131 yak\u0131ndan izlemenizi \u00f6neririz.<\/p>\n<h3><span id=\"Bot_Skoru_ile_Ince_Ayarli_Firewall_Kurallari\">Bot Skoru ile \u0130nce Ayarl\u0131 Firewall Kurallar\u0131<\/span><\/h3>\n<p>Cloudflare, her iste\u011fe i\u00e7sel bir <strong>bot score<\/strong> atar (0\u201399 aras\u0131). D\u00fc\u015f\u00fck skorlar daha bot-vari davran\u0131\u015flar\u0131, y\u00fcksek skorlar ise ger\u00e7ek kullan\u0131c\u0131y\u0131 ifade eder. Firewall kurallar\u0131nda bu skoru kullanarak daha rafine politikalar tan\u0131mlayabilirsiniz. \u00d6rne\u011fin:<\/p>\n<ul>\n<li><strong>Login sayfas\u0131 i\u00e7in:<\/strong> <code>(http.request.uri.path contains \"\/wp-login.php\" and cf.client.bot_score &lt;= 30)<\/code> ko\u015fuluyla d\u00fc\u015f\u00fck skorlu trafi\u011fe JS Challenge uygulamak.<\/li>\n<li><strong>Arama sayfas\u0131 i\u00e7in:<\/strong> Hem y\u00fcksek istek say\u0131s\u0131 hem de d\u00fc\u015f\u00fck bot skoru olan IP\u2019leri direkt engellemek.<\/li>\n<\/ul>\n<p>Bu yakla\u015f\u0131m, sadece IP veya \u00fclke temelli filtrelerden \u00e7ok daha esnek ve etkilidir. \u00d6zellikle yo\u011fun API veya AJAX kullanan modern sitelerde, bot skoruna dayal\u0131 kurallar yanl\u0131\u015f pozitifleri azaltmada olduk\u00e7a i\u015fe yarar.<\/p>\n<h3><span id=\"Iyi_Botlari_SEO_Analiz_vb_Korumak\">\u0130yi Botlar\u0131 (SEO, Analiz vb.) Korumak<\/span><\/h3>\n<p>Google, Bing gibi b\u00fcy\u00fck arama motoru botlar\u0131 ile baz\u0131 g\u00fcvenilir izleme ve uptime botlar\u0131n\u0131n engellenmemesi gerekir. Cloudflare, bilinen arama motoru botlar\u0131n\u0131 otomatik olarak tan\u0131mada genelde olduk\u00e7a ba\u015far\u0131l\u0131d\u0131r. Yine de emin olmak i\u00e7in:<\/p>\n<ul>\n<li>Firewall kurallar\u0131n\u0131z\u0131 yazarken <strong>Known Bots<\/strong> filtresini kullanabilir, bu botlar\u0131 istisna tan\u0131mlayabilirsiniz.<\/li>\n<li>\u00d6rne\u011fin kural ko\u015fuluna <code>and not cf.client.bot<\/code> ekleyerek bilinen iyi botlar\u0131 hari\u00e7 tutabilirsiniz.<\/li>\n<\/ul>\n<p>Cloudflare\u2019\u0131 sunucu taraf\u0131 WAF\u2019lar ve Fail2ban ile birlikte kullanma senaryolar\u0131n\u0131, pratik hik\u00e2yeler \u00fczerinden g\u00f6rmek isterseniz <a href=\"https:\/\/www.dchost.com\/blog\/waf-ve-bot-korumasi-cloudflare-modsecurity-ve-fail2bani-ayni-masada-baristirmanin-sicacik-hikayesi\/\">WAF ve bot korumas\u0131n\u0131 Cloudflare, ModSecurity ve Fail2ban ile birlikte kullanma senaryolar\u0131n\u0131 anlatt\u0131\u011f\u0131m\u0131z yaz\u0131ya<\/a> g\u00f6z atabilirsiniz.<\/p>\n<h2><span id=\"Cloudflare_Guvenlik_Ayarlarini_Test_Etme_Izleme_ve_Loglama\">Cloudflare G\u00fcvenlik Ayarlar\u0131n\u0131 Test Etme, \u0130zleme ve Loglama<\/span><\/h2>\n<p>WAF, rate limit ve bot korumas\u0131 ne kadar iyi olursa olsun; g\u00f6zlemlenmeyen hi\u00e7bir sistem ger\u00e7ekten g\u00fcvenli say\u0131lmaz. K\u00fc\u00e7\u00fck i\u015fletme siteleri i\u00e7in bile asgari d\u00fczeyde g\u00f6r\u00fcn\u00fcrl\u00fck \u015fart.<\/p>\n<h3><span id=\"Firewall_Events_ve_Security_Analyticsi_Takip_Etmek\">Firewall Events ve Security Analytics\u2019i Takip Etmek<\/span><\/h3>\n<p>Cloudflare panelindeki <strong>Security \u2192 Events<\/strong> ekran\u0131, WAF, firewall ve rate limit kurallar\u0131n\u0131z\u0131n nas\u0131l \u00e7al\u0131\u015ft\u0131\u011f\u0131n\u0131 anlamak i\u00e7in birincil referans noktas\u0131d\u0131r. Burada:<\/p>\n<ul>\n<li>Hangi kural\u0131n ka\u00e7 kez tetiklendi\u011fini,<\/li>\n<li>Hangi IP, \u00fclke veya user-agent\u2019lar\u0131n en \u00e7ok engellendi\u011fini,<\/li>\n<li>Ger\u00e7ek kullan\u0131c\u0131lar\u0131n etkilenip etkilenmedi\u011fini<\/li>\n<\/ul>\n<p>g\u00f6rebilirsiniz. \u00d6zellikle yeni bir kural ekledikten sonraki ilk 24\u201348 saatte bu ekran\u0131 s\u0131k s\u0131k kontrol etmek, yanl\u0131\u015f pozitifleri fark etmenin en h\u0131zl\u0131 yoludur.<\/p>\n<h3><span id=\"Sunucu_Loglari_ile_Birlikte_Yorumlamak\">Sunucu Loglar\u0131 ile Birlikte Yorumlamak<\/span><\/h3>\n<p>Cloudflare sizin i\u00e7in trafi\u011fi filtrelese bile, DCHost \u00fczerindeki sunucunuzun loglar\u0131n\u0131 okumak h\u00e2l\u00e2 \u00e7ok de\u011ferlidir. \u00d6zellikle:<\/p>\n<ul>\n<li>4xx ve 5xx hata oranlar\u0131 art\u0131yorsa, bunun sebebinin uygulama kodu mu yoksa Cloudflare kaynakl\u0131 bir engelleme mi oldu\u011funu anlamak i\u00e7in.<\/li>\n<li>Belirli bir IP veya \u00fclke kaynakl\u0131 sald\u0131r\u0131y\u0131 hem Cloudflare hem sunucu loglar\u0131nda e\u015fle\u015ftirebilmek i\u00e7in.<\/li>\n<\/ul>\n<p>Apache veya Nginx loglar\u0131n\u0131 okumaya yeni ba\u015fl\u0131yorsan\u0131z, <a href=\"https:\/\/www.dchost.com\/blog\/hosting-sunucu-loglarini-okumayi-ogrenin-apache-ve-nginx-ile-4xx-5xx-hatalarini-teshis-rehberi\/\">Apache ve Nginx ile 4xx\u20135xx hatalar\u0131n\u0131 te\u015fhis etmeyi anlatt\u0131\u011f\u0131m\u0131z log okuma rehberimizi<\/a> \u00f6zellikle tavsiye ederiz. Cloudflare ile birlikte okundu\u011funda, hangi hatan\u0131n uygulama, hangisinin g\u00fcvenlik kural\u0131 kaynakl\u0131 oldu\u011funu \u00e7ok daha net ay\u0131rt edebilirsiniz.<\/p>\n<h3><span id=\"Test_Ortami_Staging_ve_Kademeli_Yayina_Alma\">Test Ortam\u0131, Staging ve Kademeli Yay\u0131na Alma<\/span><\/h3>\n<p>E\u011fer siteniz kritik i\u015flem yap\u0131yorsa (e-ticaret, B2B panel, SaaS vb.), g\u00fcvenlik kurallar\u0131n\u0131 tek seferde t\u00fcm canl\u0131 trafi\u011fe uygulamak yerine kademeli ilerlemeniz daha sa\u011fl\u0131kl\u0131d\u0131r:<\/p>\n<ul>\n<li>\u00d6nce kural\u0131 sadece <strong>Log<\/strong> veya <strong>Simulate<\/strong> modunda \u00e7al\u0131\u015ft\u0131r\u0131n.<\/li>\n<li>Security Events ve sunucu loglar\u0131n\u0131z\u0131 birka\u00e7 g\u00fcn izleyin.<\/li>\n<li>Yanl\u0131\u015f pozitif yoksa eylemi <strong>Challenge<\/strong> veya <strong>Block<\/strong> seviyesine y\u00fckseltin.<\/li>\n<li>M\u00fcmk\u00fcnse bir <strong>staging alan ad\u0131<\/strong> \u00fczerinden, benzer kurallar\u0131 test edip sonras\u0131nda canl\u0131ya ta\u015f\u0131y\u0131n.<\/li>\n<\/ul>\n<h2><span id=\"Kucuk_Isletmeler_Icin_Onerilen_Cloudflare_Guvenlik_Check-listi\">K\u00fc\u00e7\u00fck \u0130\u015fletmeler \u0130\u00e7in \u00d6nerilen Cloudflare G\u00fcvenlik Check-list\u2019i<\/span><\/h2>\n<p>DCHost taraf\u0131nda s\u0131k\u00e7a uygulad\u0131\u011f\u0131m\u0131z ve k\u00fc\u00e7\u00fck i\u015fletme siteleri i\u00e7in iyi bir ba\u015flang\u0131\u00e7 profili olu\u015fturan kontrol listesini a\u015fa\u011f\u0131da \u00f6zetleyelim:<\/p>\n<ul>\n<li><strong>DNS ve proxy:<\/strong> HTTP(S) trafi\u011fi i\u00e7in A\/AAAA\/CNAME kay\u0131tlar\u0131n\u0131n turuncu bulut modunda oldu\u011fundan emin olun.<\/li>\n<li><strong>SSL\/TLS:<\/strong> Cloudflare\u2019da \u201cFull (strict)\u201d mod kullan\u0131n; sunucu taraf\u0131nda ge\u00e7erli bir SSL sertifikas\u0131 oldu\u011fundan emin olun.<\/li>\n<li><strong>WAF \u2013 Managed Rules:<\/strong> Cloudflare Managed Rules ve gerekiyorsa WordPress\/PHP spesifik ruleset\u2019leri etkinle\u015ftirin.<\/li>\n<li><strong>WAF \u2013 \u00d6zel Kurallar:<\/strong> wp-admin, wp-login, \/login, \/admin gibi kritik yollar i\u00e7in \u00fclke\/IP temelli ek kurallar yaz\u0131n.<\/li>\n<li><strong>Rate Limiting:<\/strong> Login ve arama u\u00e7 noktalar\u0131 i\u00e7in 30\u201360 saniyelik aral\u0131klarda makul limitler belirleyin, \u00f6nce loglay\u0131n sonra bloklay\u0131n.<\/li>\n<li><strong>Bot Fight Mode:<\/strong> Basit k\u00f6t\u00fc botlara kar\u015f\u0131 Bot Fight Mode\u2019u etkinle\u015ftirin, ilk g\u00fcnlerde firewall etkinliklerini yak\u0131ndan izleyin.<\/li>\n<li><strong>\u0130yi bot istisnalar\u0131:<\/strong> Known Bots filtresiyle arama motoru botlar\u0131n\u0131 yanl\u0131\u015fl\u0131kla engellemedi\u011finizden emin olun.<\/li>\n<li><strong>Jeo-filtreleme:<\/strong> Yaln\u0131zca belirli \u00fclkelerde hizmet veriyorsan\u0131z, y\u00f6netim paneli i\u00e7in \u00fclke k\u0131s\u0131tlar\u0131 ekleyin.<\/li>\n<li><strong>Log ve g\u00f6zlem:<\/strong> Security \u2192 Events ekran\u0131n\u0131 ve sunucu loglar\u0131n\u0131 d\u00fczenli aral\u0131klarla kontrol edin.<\/li>\n<li><strong>Y\u0131ll\u0131k g\u00f6zden ge\u00e7irme:<\/strong> Yeni i\u015f ihtiya\u00e7lar\u0131, kampanyalar ve trafik art\u0131\u015flar\u0131na g\u00f6re kurallar\u0131 y\u0131lda en az bir kez revize edin.<\/li>\n<\/ul>\n<p>Cloudflare katman\u0131n\u0131 bu \u015fekilde oturttu\u011funuzda, arka planda \u00e7al\u0131\u015fan DCHost sunucunuzun kaynaklar\u0131n\u0131 da daha verimli kullan\u0131rs\u0131n\u0131z. G\u00fcvenlik taraf\u0131n\u0131 hallettikten sonra uygulama ve veritaban\u0131 optimizasyonuna odaklanmak isterseniz, \u00f6rne\u011fin WordPress veritaban\u0131n\u0131 hafifletmek i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/wordpress-veritabani-optimizasyonu-wp_options-ve-autoload-sismesini-temizleme-rehberi\/\">WordPress veritaban\u0131 optimizasyon rehberimiz<\/a> size iyi bir sonraki ad\u0131m olabilir.<\/p>\n<h2><span id=\"Sonuc_DCHost_Cloudflare_ile_Dengeli_Guvenli_ve_Hizli_Mimari\">Sonu\u00e7: DCHost + Cloudflare ile Dengeli, G\u00fcvenli ve H\u0131zl\u0131 Mimari<\/span><\/h2>\n<p>K\u00fc\u00e7\u00fck i\u015fletme sahiplerinin \u00e7o\u011fu, Cloudflare\u2019\u0131 yaln\u0131zca \u201cCDN ve h\u0131zland\u0131rma arac\u0131\u201d olarak tan\u0131yor. Oysa do\u011fru kurgulanm\u0131\u015f bir WAF, iyi ayarlanm\u0131\u015f rate limiting kurallar\u0131 ve dikkatle yap\u0131land\u0131r\u0131lm\u0131\u015f bot korumas\u0131 ile Cloudflare; DCHost \u00fczerinde bar\u0131nd\u0131rd\u0131\u011f\u0131n\u0131z sitenin g\u00fcvenlik mimarisinin omurgalar\u0131ndan birine d\u00f6n\u00fc\u015febilir. En g\u00fczel taraf\u0131 da, bu kazan\u0131mlar i\u00e7in devasa b\u00fct\u00e7elere veya karma\u015f\u0131k g\u00fcvenlik ekiplerine gerek olmamas\u0131: birka\u00e7 mant\u0131kl\u0131 kural ve d\u00fczenli g\u00f6zlemle bile sald\u0131r\u0131 trafi\u011finin \u00e7ok b\u00fcy\u00fck k\u0131sm\u0131n\u0131 daha sunucunuza ula\u015fmadan absorbe edebilirsiniz.<\/p>\n<p>Biz DCHost ekibi olarak, m\u00fc\u015fterilerimizin hem sunucu taraf\u0131nda hem de Cloudflare katman\u0131nda tutarl\u0131 bir g\u00fcvenlik politikas\u0131 kurmas\u0131na \u00f6zellikle \u00f6nem veriyoruz. Dilerseniz mevcut sitenizin trafi\u011fini, login ve kritik u\u00e7 noktalar\u0131n\u0131 birlikte analiz edip, i\u015finize uygun WAF, rate limit ve bot koruma profilini ad\u0131m ad\u0131m \u00e7\u0131karabiliriz. DCHost \u00fczerinde payla\u015f\u0131ml\u0131 hosting, VPS, dedicated sunucu veya colocation kullan\u0131yor olun; Cloudflare entegrasyonu ile g\u00fcvenli\u011fi \u00f6ne al\u0131p performanstan da \u00f6d\u00fcn vermeden ilerlemek m\u00fcmk\u00fcn. Sorular\u0131n\u0131z veya kendi sitenize \u00f6zel ayar \u00f6nerileri i\u00e7in teknik ekibimizle her zaman ileti\u015fime ge\u00e7ebilirsiniz.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 K\u00fc\u00e7\u00fck \u0130\u015fletmeler \u0130\u00e7in Cloudflare G\u00fcvenli\u011finin Neden Kritik Oldu\u011funu Netle\u015ftirelim2 Cloudflare G\u00fcvenlik Mimarisi: DCHost Sunucunuzun \u00d6n\u00fcndeki Ak\u0131ll\u0131 Katman2.1 Cloudflare DNS ve Proxy (Turuncu Bulut) Mant\u0131\u011f\u01312.2 Cloudflare + DCHost Altyap\u0131s\u0131n\u0131 Birlikte D\u00fc\u015f\u00fcnmek3 Cloudflare WAF Ayarlar\u0131: K\u00fc\u00e7\u00fck \u0130\u015fletmeler \u0130\u00e7in Pratik Profil3.1 Managed Rulesets ile H\u0131zl\u0131 Ba\u015flang\u0131\u00e73.2 WordPress ve WooCommerce \u0130\u00e7in Tipik WAF Kurallar\u01313.3 False Positive\u2019ler: Yanl\u0131\u015f Pozitifleri [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3413,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-3412","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3412","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=3412"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3412\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/3413"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=3412"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=3412"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=3412"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}