Hacker hitting site over 1000 times but not permanently blocked

  • Resolved higgalls

    (@higgalls)


    7 years, 3 months ago

    I manage a number of sites but I have noticed that one site will get hit over 1000 times in a week (or a day) by one single IP address but wordfence doesn’t permanently block the IP address.

    Why does wordfence allow one IP to hit the site so frequently (and block each hack attempt) but not implement some way to permanently block it? Every time I log in I don’t even see that IP temporary blocked – I just then block it manually.

    Am I missing some key configuration option?

    It is a different IP address each week but always about 1000-1400 times each time I get a weekly report.

    Thanks.

Viewing 1 replies (of 1 total)

  • Hi,
    You can check “Wordfence > Firewall > Rate Limiting” options, where you can control number of requests from that IP either by throttling it or even blocking it for the time you define in “How long is an IP address blocked when it breaks a rule“.

    Permanently blocking IPs for long time isn’t recommended since these IPs are dynamically assigned to different devices on the internet and blocking a bunch of them permanently will end up in blocking some legit IPs someday!

    Thanks.

Viewing 1 replies (of 1 total)
  • The topic ‘Hacker hitting site over 1000 times but not permanently blocked’ is closed to new replies.