Title: Constant apparent attacks
Last modified: September 1, 2016

---

# Constant apparent attacks

 *  Resolved [johnnymee](https://wordpress.org/support/users/johnnymee/)
 * (@johnnymee)
 * [9 years, 11 months ago](https://wordpress.org/support/topic/constant-apparent-attacks/)
 * For the last 2 days, my small site has been constantly “attacked” by what I assume
   is a bot. Live Traffic is blocking about one attempt per second. All Login attempts
   appear to be from the same location and IP.
 * Although the “attack” is being blocked and my site appears to be safe, is there
   anyway I can stop it?
 * Thanks.
 * [https://wordpress.org/plugins/wordfence/](https://wordpress.org/plugins/wordfence/)

Viewing 4 replies - 1 through 4 (of 4 total)

 *  [mountainguy2](https://wordpress.org/support/users/mountainguy2/)
 * (@mountainguy2)
 * [9 years, 11 months ago](https://wordpress.org/support/topic/constant-apparent-attacks/#post-7463985)
 * John,
    Most websites are constantly attacked and probed. Public broad reaching
   awareness of this is possibly one of the best things about Wordfence, since once
   we’re all aware (and angry) perhaps public opinion will shift to pressure for
   measures that slow down what is becoming the bot apocalypse, costing huge amounts
   of money in wasted bandwidth.
 * To stop a bot? Be aware there are essentially three levels where you can block
   the IP specifically. Do it in Wordfence, or a server configuration file that’s
   another level up from your basic website, usually the .htaccess file, or block
   the IP using a server firewall.
 * That said, whack-a-mole bot defense is usually a good waste of time, BUT if a
   bot is heavily attacking I believe it’s a good idea to do manual blocking at 
   the higher levels. But there is a time-cost-benefit ratio to doing this. Be careful.
 * In real life it sometimes works this way: Say you have a website that uses basic
   WordPress managed hosting costing $45 a month. Without manual hands-on bot defense,
   perhaps the bot attacks are taking you up to the next tier in service, at $72.00
   a month. But say you can play whack-a-mole and keep yourself in the $45.00/month
   tier? You are thus receiving a benefit of $324 a year for your time spent manually
   blocking.
 * But does such effort really work? The more robust attacks will come from a variety
   of IP numbers so manually blocking won’t be worth the time. And in many cases
   it’s better to do things that are more broad based. One of the first steps is
   to be honest with yourself and implement country blocking for all countries you
   don’t expect or need legitimate traffic from. If you combine that with normal
   Wordfence settings, and play around with the rate limiting settings, it’s amazing
   how much reduction you can quickly get in the amount of bot traffic (though when
   bots-hits are blocked they’re still using a certain amount of bandwidth, just
   not so much since they don’t get into your site and start crawling around).
 * MTN
 *  Thread Starter [johnnymee](https://wordpress.org/support/users/johnnymee/)
 * (@johnnymee)
 * [9 years, 11 months ago](https://wordpress.org/support/topic/constant-apparent-attacks/#post-7463994)
 * Thanks mountainguy2.
 * I study what you said and probably just learn to live with it. I don’t really
   want to block all traffic from one country – most at the moment is coming from
   the US.
    I’ll take your advice and play around with some more settings in Wordfence.
   Thanks again.
 *  [wfasa](https://wordpress.org/support/users/wfasa/)
 * (@wfasa)
 * [9 years, 11 months ago](https://wordpress.org/support/topic/constant-apparent-attacks/#post-7464059)
 * Hello johnnymee,
    any traffic can be stopped but you have to weigh the risk of
   blocking legit users against the benefit of blocking “crappy” traffic. If all
   the attacks are from the same IP it’s very easy. Just block that IP permanently(
   Click on “Block this IP”) in the “Live Traffic” list. You can remove the permanent
   block on the IP when you no longer see any attacks arriving from it.
 *  Thread Starter [johnnymee](https://wordpress.org/support/users/johnnymee/)
 * (@johnnymee)
 * [9 years, 11 months ago](https://wordpress.org/support/topic/constant-apparent-attacks/#post-7464061)
 * Thanks wfasa.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Constant apparent attacks’ is closed to new replies.

 * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865)
 * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordfence/)
 * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/)

## Tags

 * [attack](https://wordpress.org/support/topic-tag/attack/)

 * 4 replies
 * 3 participants
 * Last reply from: [johnnymee](https://wordpress.org/support/users/johnnymee/)
 * Last activity: [9 years, 11 months ago](https://wordpress.org/support/topic/constant-apparent-attacks/#post-7464061)
 * Status: resolved