Traffic flood to /blog/YYYY/MM?

  • Hello,

    We are a hosting company and have many folks running WordPress. It seems once a blog gets successfully, the attackers come out in full-force.

    A long in particular keeps getting floods of traffic that are going to URLs like this:

    111.111.111.1 https://www.clients-domain.com GET /blog/2005/01/ HTTP/1.1
    111.111.111.1 https://www.clients-domain.com GET /blog/2004/03/ HTTP/1.1
    111.111.111.1 https://www.clients-domain.com GET /blog/2004/12/ HTTP/1.1
    111.111.111.1 https://www.clients-domain.com GET /blog/2004/11/ HTTP/1.1
    111.111.111.1 https://www.clients-domain.com GET /blog/2004/10/ HTTP/1.1
    111.111.111.1 https://www.clients-domain.com GET /blog/2004/09/ HTTP/1.1
    111.111.111.1 https://www.clients-domain.com GET /blog/2004/07/ HTTP/1.1

    I replaced the IP address and clients domain. Basically, this same IP address will flood their fairly large blog with these accesses (its an old blog, so these go back pretty far). They will send thousands of accesses at a time. Eventually, it overloads the server and a reboot is needed.

    I am looking for options / methods to help combat this type of attack. The IP addresses are typically non-USA based, and typically trace back to a server that is most likely hacked or a personal PC. I block the IPs as a I see them, but the IPs always change.

    Thanks for any feedback on this situation.

    David Hasbrouck

    PS: Sorry if this has been answered, I couldn’t find this specific issue in the forums.

  • The topic ‘Traffic flood to /blog/YYYY/MM?’ is closed to new replies.