Efs

Oh i see. Well to be more exact i have seen this in my server logs

From
07-31-19 11:00 epf – 9 (epf= entry proceses)

To
07-31-19 12:00 epf – 9 (epf= entry proceses)

11:00 35.197.211.18 -> Europe (google cloud.) /wp-login.php and also xmlrpc.php
11:05 91.184.209.52 warnings Nothing that i saw.
11:06 46.101.41.101 -> London blocked by server in /wp-login.php and also /xmlrpc.php
11:11:17 104.238.103.72 -> United States (US) blocked by server in /wp-login.php and also /xmlrpc.php
11:11:24 165.22.250.212 -> Singapore blocked by server in /wp-login.php and also /xmlrpc.php
11:13 95.179.167.247 -> Germany blocked by server in/wp-login.php and also /xmlrpc.php
11:17 80.191.140.42 -> Iran blocked by server in /wp-login.php and also /xmlrpc.php
11:20 128.199.72.159 -> Singapore blocked by server in /wp-login.php and also /xmlrpc.php
11:27 167.179.102.58 -> Tokyo blocked by server in /wp-login.php and also /xmlrpc.php
11:29 68.183.33.7 -> London blocked by server in /wp-login.php and also /xmlrpc.php
11:32 119.28.54.37 -> Hong Kong blocked by server in /wp-login.php and also /xmlrpc.php
11:39 79.137.46.233 -> Ireland blocked by server in /wp-login.php and also /xmlrpc.php
11:43 162.144.38.66 -> United States blocked by server in /wp-login.php and also /xmlrpc.php
11:45 77.221.147.12 -> Russia blocked by server in /wp-login.php and also /xmlrpc.php
11:55 103.48.193.61 -> Vietnam blocked by server in /wp-login.php and also /xmlrpc.php
12:00 217.182.76.123 -> Poland blocked by server in /wp-login.php and also /xmlrpc.php

Where blocked by server i mean the message bellow:

ModSecurity: Access denied with connection close (phase 1). RBL lookup of 123.76.182.217.rbl.malware.expert succeeded at REMOTE_ADDR. [file “/etc/httpd/conf/plesk.conf.d/modsecurity.conf”] [line “125”] [id “400010”] [msg “Malware host detected by rbl.malware.expert”] [hostname “www.andreasioannides.com”] [uri “/wp-login.php”] [unique_id “random letters”]

ModSecurity: Access denied with connection close (phase 1). RBL lookup of 123.76.182.217.rbl.malware.expert succeeded at REMOTE_ADDR. [file “/etc/httpd/conf/plesk.conf.d/modsecurity.conf”] [line “125”] [id “400010”] [msg “Malware host detected by rbl.malware.expert”] [hostname “www.andreasioannides.com”] [uri “/xmlrpc.php”] [unique_id “random letters”]

This could be a false positive in some chases but now this looks suspicious.
I try to find a solution and i am a bit lost. This happens most of the cases the last 7 days or more.

• This reply was modified 5 years, 7 months ago by Efs.

I have checked most of them and i found out that the IPs are bouncing every 1 minute for about 1 hour. That could be caused by some CDN that is trying to reach (the plugin) or is probably proxy bounce from an attacker? (If i may use the terminology correctly.)

Thank you for your response.

Do you know if there is any solution to monitor or find what bots do this mess?

2 out of 4 of our payment gateways *

Really thank you . For your time and your patience that you took to explain me any questions. Consider creating some lessons in the future if you have a free time . For a free plugin you really know what to do and how to treat the users. You have my gratitude and my respects. Keep up the good work.

Best Regards,
Stathis Efstathiadis

• This reply was modified 6 years ago by Efs.

Ok so after one day and quite some test the cache is not maxing out any more when i have “Save aggregated script/css as static files” ticked and the inline aggregations unticked.
So as i understanded now the are 2 types of aggregation. The main that autoptimize does and the inline aggregation that a site have in it’s pages.

All good with the cache . It dose not come up so quickly

But now when i run a page speed test , it comes up a recommedation that i must “Defer unused CSS” and the links that come are from wp-content/cache/autoptimize/css/…. Does this option , has anything to do with the static aggregation that i serve now ? Or it is exclusivly done because i excluded from optimizaition the wp-contet/cache directory?

Ok i will do. If not today tomorrow for sure i will contact you here.

Ok . I did it. Now i see that the static files that are served are 51 on the js folder and 30 files for the css folder.

So in the misc options i should tick the “Save aggregated script/css as static files?And also activate the aggregation in css and js again?

I see only the index.html in both of the folders.

• This reply was modified 6 years ago by Efs.

On my way to check them . Give me a couple of minutes

UPDATE : So i put the ct_checkjs in the exludion list and unticked teh option to aggregate inline JS.I also added wp-content/cache, wp-content/uploads on the CSS exludion list also.Still i get the cache full. I did not untick the inline css aggregation. But i don’t know if this matters . Any thoughts?

Ok i will. I will contact you soon with some more results.
Thank you very much for the help and the clarifications.

Yes that answer was on the spot and clarified most of my question.
I will do another test and i will inform you. For now i will not aggregate the inline js.
Also i tried with Chrome web developer tools to find the script above, but my efforts came to a vain. Can you point out where i cna find that script?

Thanks in advance for all the help.

Hello again . I added ct_checkjs_register_form in the exclude list . Also aggregate inline JS was not disabled to be honest and the aggregate inline css was also on.
I know that you told me to diactivate them . But i remember that i had this two options active before and the cache was not filling so fast. This was starting to happen after i installed the Anti-spam plugin.So is there any problem with this plugin or the newest version of autoptimize tends to do that?