WordPress Site Under Attack

  • Resolved intcon

    (@intcon)


    4 months, 1 week ago

    I’ve been getting a lot of wordfence emails saying someone is increasing their attack rates, and wordfence is blocking them. so i went to look. I look under live traffic and am just horrified at how many IP’s are trying non-existent pages, the login page as well and just completely made up strings of characters. they’re coming from a lot of different countries and IP’s, and it feels like a full out attack. Is there any way of stopping this? Would taking down the site for a couple days help? It’s all bots. There’s some attacks that are 50+ in a matter of minutes and rarely more than 30 min without one.

    Any thoughts?

    thanks in advance!

    carrie

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hey @intcon,

    What you’re experiencing is quite normal — especiallly with the advent of AI bots and crawlers.

    On the positive side, Wordfence is doing its job. If you wish to increase your site’s protection level and free up some bandwidth, you can always go to: Wordfence > All Options > Firewall Options >Rate Limiting (ensure the toggle is ON then set your throttling parameters as needed).

    Other Useful Options:

    1. If you’re using a CDN like Cloudflare, you can always use its anti-bot feature or create a WAF rule to block the bots that are crawling your site.
    2. You can update your htaccess file to incorporate the 7G firewall as explained here.
    3. Use a hosting provider that offers server-level anti-bot protection. SiteGround, for example, offers this feature. If too aggressive, you can always ask them to turn it off for your site.

    We follow the above and highly recommend doing the same.

    If the above solves your issue, kindly consider closing this topic as “Resolved.” Otherwise, happy to provide additional guidance.

    By the way, great website!

    Cheers!

    Plugin Support wfmargaret

    (@wfmargaret)

    Hi @intcon,

    As @generosus advised, these kinds of attacks are normal and very common. Wordfence will work to automatically protect your site. Here is a blog post explaining why hackers are interested in your site and steps you can take to keep your admin account protected:
    https://www.wordfence.com/blog/2018/03/ask-wordfence-why-is-an-insignificant-site-like-mine-being-attacked/

    Wordfence, as an endpoint firewall, cannot stop a bot or human from?trying?to visit your website altogether, but rather deal with the visits appropriately based on your settings when they happen. My general advice is that Wordfence does all of the important blocking for you automatically. However, if you wish to make your brute force or rate limiting rules a little stricter so that they can’t retry as frequently, you might find the following links useful to learn some more:
    https://www.wordfence.com/help/firewall/brute-force/
    https://www.wordfence.com/help/firewall/rate-limiting/

    Thanks,
    Margaret

    Thread Starter intcon

    (@intcon)

    Thanks so much for the info and solutions…much appreciated!

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.