John,
Most websites are constantly attacked and probed. Public broad reaching awareness of this is possibly one of the best things about Wordfence, since once we’re all aware (and angry) perhaps public opinion will shift to pressure for measures that slow down what is becoming the bot apocalypse, costing huge amounts of money in wasted bandwidth.
To stop a bot? Be aware there are essentially three levels where you can block the IP specifically. Do it in Wordfence, or a server configuration file that’s another level up from your basic website, usually the .htaccess file, or block the IP using a server firewall.
That said, whack-a-mole bot defense is usually a good waste of time, BUT if a bot is heavily attacking I believe it’s a good idea to do manual blocking at the higher levels. But there is a time-cost-benefit ratio to doing this. Be careful.
In real life it sometimes works this way: Say you have a website that uses basic WordPress managed hosting costing $45 a month. Without manual hands-on bot defense, perhaps the bot attacks are taking you up to the next tier in service, at $72.00 a month. But say you can play whack-a-mole and keep yourself in the $45.00/month tier? You are thus receiving a benefit of $324 a year for your time spent manually blocking.
But does such effort really work? The more robust attacks will come from a variety of IP numbers so manually blocking won’t be worth the time. And in many cases it’s better to do things that are more broad based. One of the first steps is to be honest with yourself and implement country blocking for all countries you don’t expect or need legitimate traffic from. If you combine that with normal Wordfence settings, and play around with the rate limiting settings, it’s amazing how much reduction you can quickly get in the amount of bot traffic (though when bots-hits are blocked they’re still using a certain amount of bandwidth, just not so much since they don’t get into your site and start crawling around).
MTN
Thanks mountainguy2.
I study what you said and probably just learn to live with it. I don’t really want to block all traffic from one country – most at the moment is coming from the US.
I’ll take your advice and play around with some more settings in Wordfence. Thanks again.
Hello johnnymee,
any traffic can be stopped but you have to weigh the risk of blocking legit users against the benefit of blocking “crappy” traffic. If all the attacks are from the same IP it’s very easy. Just block that IP permanently (Click on “Block this IP”) in the “Live Traffic” list. You can remove the permanent block on the IP when you no longer see any attacks arriving from it.
