wordpress.txt file – Live Feed shows this someone trying to access this non page

  • Resolved kristinubute

    (@kristinubute)


    4 months, 2 weeks ago

    Hi

    I found in my live feed it says

    someone with IP …… tried to access a non-existent page domainname.com.au/security.txt

    What is the security.txt file?

    Are they trying to hack this site to find this file?

    This is not a default wordpress file but is it a hidden file somewhere? Or is this file only found when a site is compromised ?

    And this one Activity Detail

    arrived from domain2.com.au and tried to access a non-existent page https://domain.com.au/wp-content-uploads/2019/10/logo-2019.jpg

    There are quite a few 404 errors that we don’t normally have on this client site.

    Please advise.

    Thanks

Viewing 1 replies (of 1 total)
  • Plugin Support wfmargaret

    (@wfmargaret)

    Hi @kristinubute,

    Bots may try to crawl for pages that are likely to be compromised or were previously used in a vulnerability, whether or not that vulnerability ever existed in your site. While it can be frustrating to see, these attacks can be quite common, and Wordfence will automatically continue to protect you from any threats.

    For attacks where the same IP address is accessing the site, adjusting our recommended rate limiting settings can help to throttle or block unwanted traffic. You can view our recommended settings at https://www.wordfence.com/help/firewall/rate-limiting and adjust those to your needs. If the site is configured well, I recommend reducing the rate limiting setting for If a crawler’s pages not found (404s) exceed… We typically recommend setting this to 30 or less per minute. but you may be able to make the setting more strict on your client’s site.

    Thanks,
    Margaret

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.

Tags