new user: many questions

  • Resolved sturdy2

    (@sturdy2)


    7 years, 4 months ago

    Hi, newby here. I own a small, personal shared hosting WP site w/limited resources. Using WF for a month but a few(!) things I don’t understand:
    1. Before WF, I was often unable to login due to bot/crawlers eating resources. I am now successfully blocking foreign bots that I do not want to return. But why do they receive a 503 which is an invitation to to try again? Is there a “get lost” code?
    2. My audience is USA but that includes many bots/hackers which I understand spoof IPs, refers, etc. I have blocked unwanted, known bots by name and by referer but is there a better way to block these offenders?
    3. I would really like access to my own site so Any other suggestions are greatly appreciated!

    My best,
    Sturdy2

Viewing 1 replies (of 1 total)
  • wfdave

    (@wfdave)

    7 years, 4 months ago

    Hi @sturdy2,

    1. Why is Wordfence sending a 503 instead of a 403 for blocked IP addresses?

    When an IP is blocked automatically by Wordfence, it is only temporary.

    503 – Server temporary unavailable
    403 – Forbidden

    Using 403 may be dangerous: If a legitimate bot (GoogleBot) received a 403, it will remove your site from its index.

    2. Is there a better way to block offending bots?

    Unfortunately no, the really nasty bots out there won’t announce themselves. They might even use a generic user-agent that any common user might have. If you see a large amount of unwanted traffic from certain IP ranges, you can opt to configure a IP range ban.

    3. Any other suggestions?

    You can consider IP range blocking. However beyond that, if your site is being bombarded with large amounts of traffic from various different IP addresses, you’ll need to seek out a DDOS protective service.

    Dave

Viewing 1 replies (of 1 total)

The topic ‘new user: many questions’ is closed to new replies.

Tags