urlumbrella.com attacks even with firewall block

Interesting topic and great website!

Thoughts:

1. How did you block the bot? (i.e., can you share a screenshot of your Wordfence block?)
2. Have you tried blocking the bot at the edge? (i.e., using Cloudflare or similar CDN). I can confirm this is the most-effective bot-blocking method (i.e., blocking bots before they hit your website). This is what I use.
3. Have you tried blocking them (and many other bots) via 8G Firewall? It’s a great way to block bots via your .htaccess file. This is what I use.

Cheers!

Note: I’m not affiliated with Wordfence. Simply offering goodwill support.

Hi @idosites,

Is the firewall running in Extended Protection? The reason I ask is because Wordfence as an endpoint firewall cannot block requests being made to your site outright but deal with them appropriately once they arrive. In Extended Protection Wordfence will run immediately after PHP starts (but before WordPress loads), however in Basic Protection, or if the requests are being made outside of a browser it may result in the hit still registering depending on how the analytics are collected.

You should be able to see blocks on your?Live Traffic?page that correspond with your analytics data by date/time. If the hit wasn’t registered in Wordfence then they may not have accessed your site in a browser. If the hit is registered, the block reason (in red text) after expanding the entry using the eye icon in the corner should be related to the manual block you’ve set up.

It may be appropriate in some cases to make blocks at a higher level such as Cloudflare or a server-side firewall so your site is actively blocking any request from their domain/IP range before PHP starts however they try to access your site.

Many thanks,
Peter.