aaPanel Firewall not working?

Stealth

Nonstop coming xmlrpc.php attacks, the IP is blocked in Sys firewall:
https://prnt.sc/13x1eki

Today in logs:
'209.145.59.137 172.68.37.15 - - [03/Jun/2021:12:59:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 225 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"'

Why not block it, why 200 (opening) there and not 503 (denied)?

That IP it´s on abuse list: https://www.abuseipdb.com/check/209.145.59.137

aaPanel_Jose

Stealth

If CDN is enabled on your website, the system firewall will not work. It is recommended that you add IP blocking to cloudflare

Stealth

Not enabled the cdn, i try before but many errors get, so I let him....