WordPress Server under attack

  • Hi there I’m an employee for a small business that includes server hosting as a source of revenue. Just recently our server hosting a wordpress site has become under attack through a series of foreign IPs that are spamming the site with requests to overload our logfiles. This has accumulated at a rapid pace since the attack has started. We quickly accumulated 50gb of log files in a matter of days on a relatively quiet site that has been ok. We are unsure of how to proceed to best fix this issue. We’ve temporary installed a free plugin to block foreign IPs directly from the countries of question and a free version of wordfence but the attack continues just at a slower rate as the IPs trickle through. Does anyone have any advance on how to best handle this? The server in question is only being attacked on that one website so far.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Topher

    (@topher1kenobe)

    There are several options here. One is to use a WAF, there are a number available. Cloudflare, WordFence, Sucuri are just a few.

    Another is to switch to a host that has this kind of defense built in. Simply search for something like “WordPress Managed Hosting DDOS protection”.

    This is not an easy problem to solve, so leveraging existing solutions like a WAF or a solid host is your best and cheapest option.

    Talk to your DataCenter that provides the server. They should be able to Null route the IPs at the Router level so they won’t even reach the server. Might be a pay-for service though.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘WordPress Server under attack’ is closed to new replies.

Tags