Legit requests?

Hi,

I am seeing lots of requests like this on my wordpress site:

Request
POST[443]:/wp-admin/admin-ajax.php

User agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 OPR/56.0.3051.116

HTTP headers
HTTP_REMOTE_IP=197.XX.XX.XX,HTTP_FORWARDED=for=145.YY.YY.YY; proto=https; host=www.xyz.es,HTTP_X_REMOTE_PROTO=https,HTTP_X_REMOTE_IP=145.YY.YY.YY,HTTP_X_REMOTE_PORT=33714,HTTP_X_FORWARDED_PROTO=https,HTTP_X_FORWARDED_PORT=443,HTTP_REF…

$_POST data
action=kksr_ajax,id,stars,_wpnonce

From many different countries.

I use the “KK Star Ratings” plug-in, but even with it disabled and the plug-in folder in wp-plugins removed, the requests keep coming in.

Are these legit requests or is this some kind of attack? How can I know if the attacks are successful or not? And most importantly, how can I stop these requests from being counted by my Google Analytics reports? (I currently have the “IP Geo Block” plug-in with lots of countries blocked, but the Google Analytics stats are still showing a crazy number of visits to my site).

Thanks!

• This topic was modified 7 years, 1 month ago by diwit.
• This topic was modified 7 years, 1 month ago by diwit.
• This topic was modified 7 years, 1 month ago by diwit.
• This topic was modified 7 years, 1 month ago by diwit.
• This topic was modified 7 years, 1 month ago by diwit.
• This topic was modified 7 years, 1 month ago by diwit.