Plugin Support
wfmark
(@wfmark)
Hi, @beingbaban, Thanks for reaching out.
An increased attack rate would happen for one primary reason – attackers are more active. Most likely, someone ran a script against your site to see if they could find a security hole. Since all of the requests were blocked, there is nothing you need to do.
You can also disable this email if you want since there is no action you need to take when attacks increase. It’s more of a notification for people who may want to dig further. But that would be more out of curiously that necessity. If you want to disable the option, it’s called “Alert me when there’s a large increase in attacks detected on my site” and you can find it by searching at the top of the Wordfence “All Options” page.
Unfortunately, large attack rates is an everyday occurrence on WordPress sites. That is of course precisely why developed Wordfence.
For the sites with a premium license, please open a support ticket at https://support.wordfence.com. They will be able to assist you faster and more efficiently.
Thanks,
Mark.
when we receive increased attack rate mail from wordfence.
We also block that IP in wordfence block list after the email.
Is that action required?
also, is malicious IP gets blocked permanently?
@wfmark just to be precise, after getting attack email, if we manually add that IP to blocklist, does that add up to the security or it doesnt makes any difference?
Plugin Support
wfmark
(@wfmark)
Hi @beingbaban , Apologies for the delayed response.
For this specific alert, all the IPs are in the Wordfence blocklist and you don’t need to take any further actions.
Wordfence does all of the important blocking for you automatically so you don’t have to.
Let me know if you have any further questions.
Thanks,
Mark