How to fix the live traffic,have a lot of DDS problem, the site very slow

Thank you for support.

Please see wordfence live traffic, have a lot of dds or spam traffic, and sites go s to very slow,how to fix it, and solution.

Support is open,please kindly take look and find solution.

Thanis!

  • Nithin
    • Support Wizard

    Hi ShareWin,

    Hope you are doing good today. :slight_smile:

    Thank you for enabling support access, it seems like majority of the hits are from bots, and the hits seems to be in a continuous flow. Could you please rename your file xmlrpc.php located in your root folder, to xmlrpc ie remove the php extension.

    This will help with reducing this issue, you could change the login link of your website using a plugin like WPS Hide login:

    https://wordpress.org/plugins/wps-hide-login/

    You can check these docs, to block any repating IP ranges:

    https://docs.wordfence.com/en/Advanced_Blocking

    Live traffic module of Wordfence needs high resource to run, would recommend you to increase your memory resource in order to monitor the hits made on your install. I hope this helps.

    Kind Regards,

    Nithin

  • ShareWin
    • The Incredible Code Injector

    Hi Nithin,

    Thank you for support.

    1.

    Many site http://www.24hws.com page isn’t working

    is currently unable to handle this request.

    HTTP ERROR 500

    But /wp-admin and subsite still could log in to. I reboot the server, main site still not work.

    2.

    I can not connect FTP yet, so didn’t do any thing.

    hits are from bots from where? why have those bots?

    3.

    If use WPS Hide Login

    The wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the url. So how other user how can reg or log in the site?

    4. If rename file xmlrpc.php located in your root folder, to xmlrpc ie remove the php extension.

    any side results?

    Thanks!

  • Kasia Swiderska
    • Support nomad

    Hello ShareWin,

    Many site http://www.24hws.com page isn’t working

    is currently unable to handle this request.

    HTTP ERROR 500

    But /wp-admin and subsite still could log in to. I reboot the server, main site still not work.

    What exact have you done before site started to throwing 500 errors? If you remember try to revert them and write it down so we can see what was done exactly and what could cause this issue.

    Or check server error logs – there should be reason there why site is throwing 500 error.

    It might be due to htaccess changes – corrupted htaccess file can also cause this.

    I can not connect FTP yet, so didn’t do any thing.

    I’m not sure I follow here – are you saying you can’t connect to FTP or you haven’t yet tried? If you can’t what is error there when you try?

    hits are from bots from where? why have those bots?

    Those bots are spam bots – in case of WordPress specifically Forum spam bots https://en.wikipedia.org/wiki/Spambot#Forum_spambots

    The wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the url. So how other user how can reg or log in the site?

    So other users should have new url or you can link it on the site, like in menu. Spam bots will try obvious WP links like wp-login.php or /wp-admin/ – custom links are safe.

    4. If rename file xmlrpc.php located in your root folder, to xmlrpc ie remove the php extension.

    any side results?

    Yes, pingbacks and trackbacks will stop working when xmlrpc will be disabled.

    kind regards,

    Kasia

  • ShareWin
    • The Incredible Code Injector

    Thank you for support.

    I have rename xmlrpc.php to xmlrpc.

    But looks still have same problem, and main site have a lot of subsite and mapping domains.

    majority of the hits are from bots, still same problem.

    Please kindly check, and how to fix it. Support is open.

    Thanks!

  • Nithin
    • Support Wizard

    Hi ShareWin,

    Hope you are doing good today. :slight_smile:

    Renaming xmlrpc did help in removing the hits regrading to pingbacks, and now I don’t see any call made to your xmlrpc file. I could see, most of the call are coming from the register link in the admin bar in your sites frontend. Could you please temporarily disable the admin bar at the frontend, and see whether that makes any difference.

    If you still have issue, you might have to make use of WPS Hide login plugin, and change the default login to custom link.

    I hope this should help resolve, please let us know how that goes. Have a nice day. :slight_smile:

    Kind Regards,

    Nithin

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.