Replies: 0
I have a site that’s under constant attack and I’m not sure what the purpose of the attack even is. Could just be a denial-of-service attempt. It’s a human attack, always trying to access https://www.mysite.com/search/randomsite.cn
I turned off the WP search function, and removed the search box from the 404 page. I put rate limiting on all 404 pages (users really shouldn’t be getting any) and I put a ban on the /search/ URL.
Someone is still able to access that URL though. Wordfence says it blocked them for “banned URL,” and the IP says it’s blocked, but there might be seven or eight entries for that particular IP before it looks like they’re banned. Any idea why this would be? It keeps causing “faults” in my hosting and limits resources. Not sure why. Any guidance would really be appreciated.
Thanks!