Bad Bots to WordPress

  • hohohonhk

    (@hohohonhk)


    8 years, 1 month ago

    Hi everyone,

    Recently, I got a warming from my hosting SiteGround that my Account CPU Usage and Account Execution Usage are so high that exceed their limits, and thus suspense my website.

    After they suggested me to install Wordefence Plugin, I found that there are a lot of bots automatically visit my website that make the CPU Usage and Execution Usage remain at high level!

    May I know if there is any solution to solve this kind of problem, to reduce the usage?

    Thanks a lot!!!!!

Viewing 3 replies - 1 through 3 (of 3 total)
  • xprt007

    (@xprt007)

    8 years, 1 month ago

    How have you configured Wordfence, if I may ask?
    I also get very frequent attacks on my site, sometimes brute force login attempts, some of which try literally every few seconds to login in for hours.
    I have taken a number of measures, like configuring Wordfence to block login attempts from IP addresses, for example of non-existent usernames right away and 2 times for a false password, etc. I do not have many users logging in frequently and if I see a failed log in attempt of a real user, if I feel like it, write them and tell them they used the wrong username. If not, they will try again themselves sometime later, like after an hour or depending on the time you have configured.

    There are also options regarding password recovery, limiting the number of times a user from a particular IP can use it and lots of other measures.
    Do you use Google captcha and similar measures? All taken together help make it harder for these criminals from trying to access the site & using its resources.

    • This reply was modified 8 years, 1 month ago by xprt007.
    xprt007

    (@xprt007)

    8 years, 1 month ago

    You might also want to consider using the cloudflare plugin. It requires registering at cloudflare.com, for the FREE plan if you want, but part of the configuration requires you to use their nameservers. According to some site “… this will make your site load faster, it will save your I/O and even protect your sites from some hacking systems.”
    I have been using it for several years, but had to give it up recently after changing the host, because of the nameservers issue. My new domains are add-on domains, requiring using the new host’s nameservers, meaning I cannot use those of Cloudflare.

    Thread Starter hohohonhk

    (@hohohonhk)

    8 years, 1 month ago

    @xprt007
    Thanks for your sharing.
    I have tried to limited them too, and I also installed a plugin called Blackhole Bots too! But seem the problem is remain.

    The instant log sheet from Wordefence shows that most of the bots are browsing some links, like hash tag links, special images and so on.

    I have no idea to block them, so see if any expert can help me?

    Great thanks!

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Bad Bots to WordPress’ is closed to new replies.