Title: Transparency?! Last modified: September 21, 2019 --- # Transparency?! * [yosmc](https://wordpress.org/support/users/yosmc/) * (@yosmc) * [6 years, 8 months ago](https://wordpress.org/support/topic/transparency-15/) * So according to the plugin description, WPBruiser will protect me from brute force attacks, but according to my logs and the email messages I get about my server load being too high, it seems like it really doesn’t. * During the past week, my WordPress installations have been under attack twice. According to WPBruiser’s internal reports, the attack has been recognized from the very first minute, and the IP was blocked. But in both cases, my systems load average went up to 15 for nearly two hours. How is that possible if the attack was recognized and the IP was blocked? * According to the logs, said IP has been hammering the server thousands of times over two hours, always receiving a http 200 “found” response. Which raises the question how exactly does WPBruiser treat blocked IPs? Does it serve bogus content? Empty pages? Is the block failing? And how could I tell? Where is this documented? * I’ve mailed support, but received no reply. Very frustrating, because of course these events give me a bad reputation with my host, and I don’t want my account suspended. So now, because of the WPBruiser team not responding, I will have to abandon WPBruiser and look elsewhere. Makes me wonder why I bought one of their paid addons. * Not recommended. Viewing 2 replies - 1 through 2 (of 2 total) * [kiikiikii](https://wordpress.org/support/users/kiikiikii/) * (@kiikiikii) * [6 years, 7 months ago](https://wordpress.org/support/topic/transparency-15/#post-12120019) * Hi, I’m not affiliated with WPBruiser support, just wanted to comment. * If you aren’t using Cloudflare, you can use it for free to help fight off stuff like this. Here’s a few guides specifically for WP: [https://www.kazimer.com/how-to-protect-wordpress-with-cloudflare-firewall-rules/](https://www.kazimer.com/how-to-protect-wordpress-with-cloudflare-firewall-rules/) [https://turbofuture.com/internet/Cloudflare-Firewall-Rules-for-Securing-WordPress](https://turbofuture.com/internet/Cloudflare-Firewall-Rules-for-Securing-WordPress) * [tekgirlymama](https://wordpress.org/support/users/tekgirlymama/) * (@tekgirlymama) * [6 years, 4 months ago](https://wordpress.org/support/topic/transparency-15/#post-12398874) * Very true, CF is the best. For eCom with lots of sales or traffic, the paid upgrade is well worth it, otherwise free plans are sufficient in most cases. * Also, limit login attempts plugin, BBQ and Blackhole plugins are excellent. * And if you have your own server get someone to do some tweaking to help with issues like attacks, security. And make sure when using CF to have mod_cloudflare enabled on server. Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Transparency?!’ is closed to new replies. * ![](https://ps.w.org/goodbye-captcha/assets/icon-256x256.png?rev=1356325) * [WPBruiser {no- Captcha anti-Spam}](https://wordpress.org/plugins/goodbye-captcha/) * [Frequently Asked Questions](https://wordpress.org/plugins/goodbye-captcha/#faq) * [Support Threads](https://wordpress.org/support/plugin/goodbye-captcha/) * [Active Topics](https://wordpress.org/support/plugin/goodbye-captcha/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/goodbye-captcha/unresolved/) * [Reviews](https://wordpress.org/support/plugin/goodbye-captcha/reviews/) * 2 replies * 1 participant * Last reply from: [tekgirlymama](https://wordpress.org/support/users/tekgirlymama/) * Last activity: [6 years, 4 months ago](https://wordpress.org/support/topic/transparency-15/#post-12398874)