Title: Difference in server load
Last modified: August 30, 2016

---

# Difference in server load

 *  Resolved [Okoth1](https://wordpress.org/support/users/okoth1/)
 * (@okoth1)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/difference-in-server-load/)
 * Hi,
 * Just got a brute force attack which lasted 5.5 hours. Didn’t get in of course,
   waste of time.
 * I’m using now this in my htaccess which caught all the wp-login.php requests 
   before your plugin did.
 *     ```
       # BEGIN WordPress
       <IfModule mod_rewrite.c>
       RewriteEngine On
       RewriteBase /
       RewriteRule ^loginpage$ /wp-login.php?hfju7hdjto0jf6hd3[CO=accesss:666:mydomain.com,R,L]
       RewriteCond %{QUERY_STRING} !^hfju7hdjto0jf6hd3
       RewriteCond %{QUERY_STRING} !^action=logout
       #RewriteCond %{QUERY_STRING} !^action=rp
       #RewriteCond %{QUERY_STRING} !^action=register
       #RewriteCond %{QUERY_STRING} !^action=postpass
       RewriteCond %{QUERY_STRING} !^step=upgrade_db
       RewriteCond %{HTTP_COOKIE} !^.*accesss=666.*$
       RewriteRule ^wp-login.php$ http://127.0.0.1/ [L,R=301]
       RewriteRule ^index\.php$ - [L]
       RewriteCond %{REQUEST_FILENAME} !-f
       RewriteCond %{REQUEST_FILENAME} !-d
       RewriteRule . /index.php [L]
       </IfModule>
       # END WordPress
       ```
   
 * So they were all sent to 127.0.0.1 because I renamed the login page as well. 
   Then I was thinking what gives the least server load, the above code or this 
   one?
 *     ```
       <Files wp-login.php>
       Order Deny,Allow
       Deny from All
       Allow from x.x.x.x
       </Files>
       ```
   
 * I actually want to make it in such a way that the requests will end up in the
   plugin’s firewall log (so the requests are caught by NF) but I’ll get an email
   that a brute force attack is going on and maybe also adding the last block of
   code to the htaccess and remove it automatically after 3 hours or so.
 * But if there is no difference in server load I could keep the redirect to 127.0.0.1
   as well. Still I like to idea to get an email when things are going on (which
   I am going to add anyway ;))
 * [https://wordpress.org/plugins/ninjafirewall/](https://wordpress.org/plugins/ninjafirewall/)

Viewing 4 replies - 1 through 4 (of 4 total)

 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/difference-in-server-load/#post-6630338)
 * Hi,
 * Most bots will not follow the 127.0.0.1 redirection. They will check the HTTP
   code status and, if it matches what they are expecting, they will parse the HTML
   content of the page or its headers (cookies etc).
 * If that is your server, you can enable the ‘Write incident to the server AUTH
   log’ in the ‘NinjaFirewall > Login Protection’ menu and setup a cronjob to parse
   your auth.log and to send you an email.
 *  Thread Starter [Okoth1](https://wordpress.org/support/users/okoth1/)
 * (@okoth1)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/difference-in-server-load/#post-6630366)
 * Hi,
 * Thank you for the explanation. But when I see a 301 the bot that I had earlier
   today was redirected, right?
 * Unfortunately this is not my server, but I’ll experiment some more.
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/difference-in-server-load/#post-6630386)
 * The server returned a 301 HTTP status code + the link to the redirection, but
   that does not mean the bot followed the redirection.
 *  Thread Starter [Okoth1](https://wordpress.org/support/users/okoth1/)
 * (@okoth1)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/difference-in-server-load/#post-6630405)
 * Thanks, learnt something new today.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Difference in server load’ is closed to new replies.

 * ![](https://ps.w.org/ninjafirewall/assets/icon-256x256.png?rev=976137)
 * [NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall](https://wordpress.org/plugins/ninjafirewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ninjafirewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ninjafirewall/)
 * [Active Topics](https://wordpress.org/support/plugin/ninjafirewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ninjafirewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ninjafirewall/reviews/)

 * 4 replies
 * 2 participants
 * Last reply from: [Okoth1](https://wordpress.org/support/users/okoth1/)
 * Last activity: [10 years, 8 months ago](https://wordpress.org/support/topic/difference-in-server-load/#post-6630405)
 * Status: resolved