HMSRE

That’s GREAT info Caleb. I don’t have a VPS (shared still) but that would be the ideal way to block by country. Much better than the long list of China and Russian IPs I loaded into htaccess today because I am limited (not able to install ).

Used IP2Location to create a list of deny IPs and loaded in the bottom of my htaccess. I do agree I don’t need the entire world to have access. Just wish my host could offer something better on their end.

I will look to use Cloudflare and you are spot on (as expected) about their dos attack benefits – something I think would be helpful. However, I also see your point about necessity if most traffic is here in the US (and Google) then I really don’t need all their bells and whistles.

Now you have me wondering about your mirrored subdomains comments. That sounds really interesting and something I need to highly consider asap to help this site scale.

Very appreciative for your time here… you have a great blog post for your site right here too.

Dave

I should say I *did* notice the homepage setting here:
Default Front Page TTL
*Using the homepage reference as an example – would benefit from being able to include other pages.

Dave

Good points indeed. Thanks Krzysztof.

Caleb – you rock. I appreciate your help. Just moved my blocked list left to .htaccess. Your website suggestion was PERFECT. It spit out exactly what I needed.

So to recap:
1) Moving deny list “to the left” in my .htaccess file cuts off access before it goes to WF.
2) WF wont be logging these exact IPs (within their ranges) because it’s blocked BEFORE WF.
3) This should calm some things down from sites entering into php land with WF requiring more resources to handle what htaccess could upfront.

Next question – should I deploy a CDN to further help with this effort? Been holding off for SEP reasons and the issue with the “naked domain” – I know, keep my personal life personal… but hope you follow. A CDN needs to use www. domain .com and if you just use domain.com, you COULD lose some Google juice or chutzpah. Might not be something you deal in much, but curious if you’re using one too. Thanks!

Dave

Great advice and I concur Caleb. Some helpful tips too.

I keep on top of my live feed often – blocking anyone hitting the login page and these bogus referrers. I notice that my robots file helps tell them not to hit my site ever 2 seconds so that works well but those spammers (non spiders) are just annoying and slowing down my site.

QUESTION: should I started building a really long list in my .htaccess file with bad IP’s etc?

EXAMPLE:

Order Deny,Allow
Deny from 127.0.0.1
Deny from 192.168.1.1

Or will a lengthy file over time slow down the entire site? I know every site needs to pass through both WF and the .htaccess file – so which is best? And if htaccess, I think I will use WF to quickly block those site and weekly take the blocked list and move the high abusers to the server file method… just a thought. Yours to help speed up a slowing website as it battles with spam? And no, I don’t have my CDN hooked up yet because we use a “naked domain” – one without the www which Cloudflare needs – so it may hurt our SEO and the reason I’ve pushed back on using a CDN, crazy, I know.

Appreciate your help and support. Thanks.

Dave

That is GREAT advice Caleb – thank you! I have used block this network before but since OVH does have a bad reputation of spam while also hosting some other legitimate sites, I thought it could be too broad. But I’d rather use that approach since the reverse lookup will slow us down for sure. Will start going into the blocked requests now and convert them.

Also hope some other filtering ideas shared above can be implemented in the future to make spam squashing more efficient for end users like us.

Best,
Dave

Side note for LS – only thing I regret about the plugin is that my host (A2hosting) doesn’t support crawling for their shared plans. Not your issue, but they could easily productize that and I would be FIRST in line to buy it. Just a suggestion on helping them create such a feature with some case studies of which I’d be happy to work with you guys one since I do have more pages than most will ever have… and I only ask for a 3% referral fee for the shared hosting product idea – hahaha.

Again, you guys rock.

Dave

Done – 5 Stars!

I chose to add the space in front of the “ExpiresDefault” line and it seems to work great. Save htaccess file and hard-refresh your admin page. It goes away.

Thanks Team LS.

Dave Geipel

I think I follow – I will remove that line… I just know all the speed test sites state to leverage browser caching and most tutorials have the same line to include.

Love the plugin so far – it was so needed and much better that w3tc so far.

Thx for your reply. I spent a few hours debugging even with the Theme author for Enfold (kriesi). See my posts here Enfold Post / Page Update and White Screen.

The only plugin that caused this issue was enfold. I removed old plugins too just in case… even removed any caching programs to debug. Thought it could have been wordfence too but deactivating that didn’t work either.

So is the conflict on their end? Perhaps. But you should know if you’re the root cause because it ONLY happens when Yoast is activated.

Delete. My theme had me add this to the child functions.php file…

function ava_change_editor_text_colour() { 
?>
<style>
.js .tmce-active .wp-editor-area {
    color: #000 !important;
}
</style>
<?php 
}
add_action('init', 'ava_change_editor_text_colour');
?>

This broke Wordfence – removed it and it works again. Just a heads up.

Dave

I presume it’s safe to say this plugin is NO LONGER SUPPORTED? Taking the delay to a simple reply to this issue plus it hasn’t been updated in 7 months… leads me to the only sane conclusion look elsewhere. That’s a real shame.

Dave

Thanks Rich. Ours our old links from our previous site that had those URLs and when you setup the redirect, it fails. Will have to open a ticket. I appreciate the follow up!

Dave

What was the issue? Seem to be having same issue on our side too – same exact use case. Thx.

Dave

btw – we have pro version.