Hi @arathra, thanks for your question.
Ultimately slugs/paths on your site that 404 can’t be accurately predicted with wildcard blocks as the ones in the example above seem random. If there was a consistent pattern or page name, they could be added to Wordfence > All Options > Advanced Firewall Options > Immediately block IPs that access these URLs. Having said this, Wordfence does look at intent and behavior of bots when making a decision to block, so you shouldn’t need to take any action manually just because these hits are happening. If they ever became excessive or were clearly trying to exploit a vulnerability, a firewall rule or other setting should catch them.
If you’re concerned about site performance, you could try lowering the number for “If a crawler’s pages not found (404s) exceed” in your Rate Limiting settings to block a bot making these kinds of attempts earlier, but would recommend changing the number back again if you start noticing problems with unwanted blocks for legitimate sources.
Thanks,
Peter.
