Bot attacks – server receiving loads of requests per min especially from France

  • Resolved Ismail

    (@elhardoum)


    9 years, 10 months ago

    My forum has been attacked by bots mostly from France as well as spam users from same country with “optimuslinks.com” as mail domain.
    ( I think I dealt with spam users blocking that domain using wangguard )

    Those continuously server requests are harming my server CPU resources and make my sites down from time to another.

    my question is, is there any way to stop this? any way to block France bots or block every unwanted bot etc?
    Any thoughts and suggestions are highly appreciated.
    Thank You All!

    P.S: I use Wordfence security plugin..

Viewing 4 replies - 1 through 4 (of 4 total)

  • You can tweak your Wordfence throttling settings to maximum hits per minute, and/or I believe the NinjaFirewall plugin that works out if *front* of WordPress might also be able to do that as well as to block certain agents.

    Do you own your own domain ? If you do, then you can, if you like, add your site to the cloudflare CDN. They have an option in which they do NOT provide CDN features, but actually only act like an intermediary between your registrar (the one holding your domain name and telling the internet where to go if they’re asking for your domain name) and your hosting account.
    And from there on, you can add “rules” to block stuff like countries, I think.

    You can also block countries in your website’s htaccess.
    For instance :
    ErrorDocument 403 https://link.to.an.image.that.will.be.shown.to.the.french.telling.sorry.but.hackers.from.your.country.forced.me.to.block.you.all.frenchies.jpg
    <Limit GET HEAD POST>
    order allow,deny
    deny from .fr
    allow from all
    </LIMIT>

    There are also firewall plugins for wordpress providing that feature, but the two I tested two years ago got mixed up with wp-supercache and would block even people from the non-disallowed countries, hopefully that’s working better nowadays.

    Thread Starter Ismail

    (@elhardoum)

    Thank you guys.
    @leejosepho, I used NinjaFirewall and it is working great along with Wordfence. thank you !!
    @sabinooo where have you being all this long to tell me about Cloudflare ? lol. I am using Cloudflare CDN now, it is actually saving my actual host CPU and running the site smoothly. in addition of course to a free ssl ( universal ssl ).
    I was using a self CDN before ( cdn.mysite.com ) with w3 total cache tool. now, had to shut it down and let CloudFlare do the job.
    Thank you all. have a nice day ??

    P.S: for those suffering from raising spam registration accounts from specific email domains ( i.e mail.ru .. ) you can use Wangguard to block registration coming from those domains, and their Addon also, in case the domain isn’t listed in the wangguard suggestions already..

    I used NinjaFirewall and it is working great along with Wordfence. thank you !!

    I have one instance of the Pro+ version sitting out in front of my Primary Domain and string of ten others and it works great for all of them. I just had to un-check a couple of things CloudFlare can cover.

    @sabinooo where have you being all this long to tell me about Cloudflare ? lol.

    That was for me since I knew nothing about it and took a look and got it going right after Sabinooo’s post!

    Many thanks to each of you.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Bot attacks – server receiving loads of requests per min especially from France’ is closed to new replies.