Any recommended resource?
Ya got any good practices for a wordpress site under attack?
I've enabled bot fighting mode but still some traffic goes through targeting xml and cron
4 Replies
He seem to exploit POST forms and other high resource intensive things like the search function.
I put challenge on one thing he goes for the next kinda thing😅
He's using Datacenter IP
?ddos
If you are under a DDoS attack then you can take a look at these threads for first steps and help with mitigation:
- https://community.cloudflare.com/t/under-ddos-attack-first-steps/89476
- https://community.cloudflare.com/t/mitigating-an-http-ddos-attack-manually-with-cloudflare/302366
find a pattern and apply a matching waf rule
or keep it simple, if it's a single ip block that, or the asn if it doesn't include any of your customers