WordPress blocks DDos but still Crashes Server

  • Hi,

    When Wordfence detects a malicious attack from an ip (e.g. 55.555.555.55) that is making 100s of requests per minute, it triggers a block on that particular ip.

    Now, the problem is that the server resources are still taken up because Wordfence still has to serve the malicious ip a “WordPress warning page”.

    1) Did anyone experience the same thing?

    2) Instead of serving the a warning page to the malicious user, is it possible to redirect the malicious user to a dummy url like: getlostyouddosandmaliciousattacker.com via htaccess so that server resources of loading the warning page 1000s of times aren’t used unnecessarily?

    Thanks in advance to anyone who answers!

    • This topic was modified 8 years, 6 months ago by paulgian.
Viewing 1 replies (of 1 total)

  • If you are using the Wordfence Falcon caching engine, the block should be in your htaccess file so that requests from the IP never even make it wordpress.

Viewing 1 replies (of 1 total)
  • The topic ‘WordPress blocks DDos but still Crashes Server’ is closed to new replies.