Mobile app version of vmapp.org
Login or Join
Bryan171

: Wordpress security from bots One of my clients website is getting massive traffic from China most of which are bots. These bots are hitting the site nonstop causing the VM to use very high

@Bryan171

Posted in: #Botattack #Security #Wordpress

One of my clients website is getting massive traffic from China most of which are bots. These bots are hitting the site nonstop causing the VM to use very high cpu and memory. As a result it is costing my client my as the site is hosted on cloud.

I have Blocked most of the IPs. I even blocked the whole country but that does not seem to help. Still the site is getting massive amount of hits per minute.

These bots are hitting one specific URL which had a Email form. I removed the email form. Changed the URL and even redirected the old url to a different site.

But none of these seem to have any effect of the CPU and RAM usage. Any help is appreciated.

Thanks

10.01% popularity Vote Up Vote Down


Login to follow query

More posts by @Bryan171

1 Comments

Sorted by latest first Latest Oldest Best

 

@Heady270

Block IP Addresses

If you find that certain IP addresses are hitting your site over and over, you can block them individually in .htaccess

Order Deny,Allow
Deny from 1.1.1.1
Deny from 2.2.2.2
Deny from 3.3.3.3


Too many rules are required to block entire regions of the world by IP address in .htaccess. For example blocking the US would require 150,000 lines of text. (Source)

Block User Agents

If the bots are not spoofing major browsers, you can block them by user agent:

# Bot Blocker
<IfModule mod_setenvif.c>
SetEnvIfNoCase User-Agent ^$ keep_out
SetEnvIfNoCase User-Agent (pycurl|casper|cmsworldmap|diavol|dotbot) keep_out
SetEnvIfNoCase User-Agent (flicky|ia_archiver|jakarta|kmccrew) keep_out
SetEnvIfNoCase User-Agent (purebot|comodo|feedfinder|planetwork) keep_out
<Limit GET POST PUT>
Order Allow,Deny
Allow from all
Deny from env=keep_out
</Limit>
</IfModule>


(Source)

Other techniques

This article has a number of other techniques that you can use. The article explains each one very well, so it would be better to read the details about each one there.


Find hosting that does the blocking
Use a CDN
Install Apache modules such as MaxMind
Implement blocking in your application (such as PHP)
Use routing tables
Use ModSecurity on the webserver
Use a proxy service such as CloudFlare

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme