Thank you for the link. I have all those things set even tighter than the article suggests. I have also set on the CleanTalk website the blacklist of several countries. I see attempts from those blacklisted countries (shown as blocked) in the Firewall list of activity – along with attempts from many other countries.
The “Security by CleanTalk” plugin is not stopping this from consuming all the server resources.
On the Firewall list I see most of the requests are for “Add to Cart” and one filter – all on one of our catalog pages. It is obviously very targeted. Are there any settings for your plugin to stop this consumption of resources?
Thank you for your reply.
We are investigating this case. Please, wait up to 3 business days.
If you are looking at my site to understand the problem, please know that I redirected most requests manually because I can’t wait 3 days while my site is being attacked. This is a VERY temporary fix, that limits some functions – while waiting. I am happy to take this conversation off the support board to discuss issues, to un-redirect things so you can see the issues, or whatever.
Hello.
We’ve analyzed the situation and can confirm that the plugin is working properly, blocking access to the site for all undesirable users.
We’ll see what we can do to reduce the website load, but it won’t be quick. A task has been created to investigate this, and the timeline is still unknown.
For now, we recommend tightening your traffic control settings.
Hello @sybydesign,
Could you please activate the Check anonymous users when they add new items to the cart in the Anti-Spam plugin settings:
WordPress Admin Page —> Settings —> Anti-Spam by CleanTalk
Does this resolve the issue?
@amagsumov that is a good suggestion, but after watching for a few hours, it does not seem to have an effect.
Tightening traffic controls does have an effect, but small. Blocking countries probably has the biggest effect, but that can only go so far.
Hello @sybydesign,
Thank you for your feedback.
Could you please mark those missed spam requests in your anti-spam logs so that we can analyze them and tweak our spam filters?
You can follow this guide: https://cleantalk.org/help/feedback-spam
I don’t see this as a part of the problem. I see the activity in the Security Plugin logs, but not in the Spam Plugin logs. A script sending requests for a link via random IPs doesn’t seem to hit the Spam plugin parameters. Even the “Anti-Flood” does not seem to apply because with the random IP’s it does not look like one source.
Please see the screenshots I sent to your company directly (referencing this thread). I also included a new way for you to process and thwart these attacks. While it is not something you currently do, it would be a game changer for the industry if you implement it.
Thank you for trying.
Thank you for your update.
I’ve forward all the details to our developers.
We’ll get back to you as soon as we have any news.
Thank you.
Hello @sybydesign
I have checked your recent Anti-Spam log and noticed a lot of blocked requests from URL that contains “add-to-cart”. You can find them here.
So, I assume that the ‘Check anonymous users when they add new items to the cart’ option in the Anti-Spam plugin we suggested worked for your case. Please keep this in mind and re-enable it after we complete our work on ticket #51012.
Correct, and not correct. The plugin settings failed to stop the attack, so I wrote my own code to do the specific obvious work as you mention. I could not wait for days with my site down. I am communicating with CleanTalk directly Ref CleanTalk ticket #51012 via email to try to solve the remaining issues.
Thank you.
When we find a solution to this issue, we will publish a public response here.
Please wait.
