Live Traffic shows extremly high crawer hits

Some of the criminals have figured out a way to utilize Google cloud for their attacks, to make it appear they are coming from legitimate Google, at least so to those of us who are not professionals in the bot wars. Sometimes it’s referrer spam but other times it’s hard to figure out what in the world they are doing, perhaps just testing things in preparation for larger attacks. If you check that IP 66.249.79.143 you will see it’s already blacklisted by Barracuda, they are very quick to block new attacks.

https://ipindetail.com/ip-blacklist-checker/66.249.79.143.html

If you want to get those zillions of listings off your Live Traffic you’ll need to block in your .htaccess file or with server firewall. If it’s a lot of hits it can be worth the work, but can also be time waste depending on server load and how far you want to go with whack-a-mole.

I had one fake Google crawler that was incredibly persistent, thousands of hits on almost all stuff that I’d deleted several years ago, and ignoring my robots.txt file. It was pretty difficult to block that in my .htaccess but I finally got it done, and it really cleaned up my Live Traffic log, though they’ll probably be back under a different disguise.

MTN

I’d add that your first step in evaluating these things is to see if the crawler is ignoring a properly configured robots.txt file. If it’s ignoring that, as well as being on a blacklist, then block for sure! MTN

As you can see in the picture, I bloked the hostname in the wordfence advance blocking. Do you think this is ok for now?

btw, why i’m having these attacks? Is it because of wordpress theme i’m using or because my domain?

The reason you are getting attacked is because you are there to attack. Simple as that. Wordfence is revolutionary in that it is the first really widely distributed WordPress firewall that makes it obvious how much of this criminal activity is going on. When you as an end user website publisher see how bad it is, hopefully you will become an activist against it. The hosting providers are making a fortune charging money for all the bandwidth that the bots use. They have no incentive to help stop it. It’s up to us little guys. If enough websites make it hard for the bots to accomplish anything, the bot traffic will eventually diminish, if….

It appalls me to see how little the web hosting companies, including Google, do to stop the bots. But if you look at the money, it all becomes clear. It’s not the hackers who are making most of the money, it’s the data center providers who sell bandwidth!

MTN

So what do you suggest i do next? I can’t just stand and watch this… i mean, this is not the first time this website got down because of malware n shit, i installed clean wp and give 40dollars for theme, the client will be furious if website will become unusable again, lol.

Ideas: Country blocking, add known exploit file names to the Wordfence “Immediately block IP’s that access these URLs: Set strict rules on everything, use a minimal number of plugins, install a login URL obfuscation plugin, learn how to use .htaccess and your server firewall, install a honey trap in the website (hidden link to a nonexistent file that you add to the “Immediately block IP’s” and list in robots.txt so you don’t accidentally block Googlebot, watch webmaster tools for problems, use your server logs to get a sense of how everything is working, if you have a client they should expect you to know how to do all this and more.

Firstly, be sure you have a backup system that makes it easy to wipe and restore the entire website. That’s the best way to cure an infection. If you don’t have that, then in my opinion you’re not providing your client with what they should be expecting.

Enjoy the financial rewards of being paid for the extra hours doing all this stuff?

MTN

I think my website i pretty clean of infection, i installed it last night, like 20 hours ago…

Thx for your answers, i’ll monitor further and try some stuff you sugested. thx man