sysstem

The error shows in the log but not often, the cron makes a request every minute, but the log entries are not more than 4 or 5 per day, so I think it’s fine.

I think I should have mentioned that my domain is proxied on cloudflare, however, I’m using the .htninja file in order to detect the correct originating IP using the cloudflare header:

if (! empty($_SERVER[“HTTP_CF_CONNECTING_IP”]) &&
filter_var($_SERVER[“HTTP_CF_CONNECTING_IP”],FILTER_VALIDATE_IP)) {
$_SERVER[“REMOTE_ADDR”] = $_SERVER[“HTTP_CF_CONNECTING_IP”];
}

Below are the requested values:

$_SERVER[‘HTTP_ACCEPT_ENCODING’] gzip, br
$_SERVER[‘HTTP_ACCEPT’] text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7
$_SERVER[‘HTTP_ACCEPT_LANGUAGE’] en-US,en;q=0.9,ar;q=0.8
$_SERVER[‘HTTP_USER_AGENT’] Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0

That’s under policies:
Your server IP (209.42.x.x), localhost and private IP addresses will not be affected by this policy.

And that’s in the log:
21/Feb/25 22:14:11 #3453061 MEDIUM – 2a07:ab00:ff:fffe::4 POST /wp-admin/admin-ajax.php – Blocked access to admin-ajax.php – [bot detection is enabled] –

And in the dns zone: I have an A record for the IPv4, and and AAAA record for the v6

Yes in the log the log I see the IPv6 is trying to send, and gets blocked, and in the policies page I see that the IPv4 is whitelisted.