How to Mitigate DDoS Attacks on WordPress

To mitigate DDoS attacks you can implement several methods.

The first method is to forbid access to your website by IP address on the level of your webserver by adding a rule in the file «.htaccess» manually.

The second method is to install the CleanTalk Security plugin for WordPress, our feature Traffic Control that protects from DoS is enabled by default.

CleanTalk Traffic Control monitors each request from any IP address and if the number of requests exceeds the limit in a certain time period then this IP address will be temporarily blocked and it wouldn’t be able to access your website at all.

For instance, if an IP address sends requests to your website with a frequency of 1000 requests per 1 hour, such activity will definitely be blocked for 1 hour.

You can adjust the settings of Traffic Control as you want and as you find appropriate. To do that, go to your WP Dashboard → Settings → Security by CleanTalk → General Setting → Firewall.

Time frame to measure page hits – here you can set a time period which will be taken to calculate the number of requests of your visitors.

Block a visitor if the count of the opened pages in the time frame more than – here you can set your limit of requests after exceeding which any IP address will be blocked.

Block a visitor if they exceed the limit of opened pages for X minutes – this option is meant for setting a time period a blocked IP address will be put in.

Ignore logged-in users – tick this option to ignore all requests going from your logged-in users.

Also, on the tab Firewall, you can see all IP addresses that are visiting your website right now.


What are DDoS and DoS?

These are types of attacks on a website when a lot of requests are being sent. If the number of requests is quite high then it will result in problems with the website functioning.

The difference between DDoS and DoS consists of that DDoS has a distributed attack, meaning it is executed from many IP addresses, while DoS has just one or a few IP addresses.

Why DDoS and DoS might be dangerous to a website

Such types of attacks is based on the fact that a webserver has to process each request, thus running all website page scripts, loading all pictures, and so on spending its resources. As a result, the website will function slower or start giving an error on attempts of visiting any page.
The second trouble is in a high volume of your website traffic, in some cases, it may lead to unexpected expenses or a warning from your hosting provider.

It’s unwise to underestimate the dangers of such types of attacks and spend your time forbidding IP addresses manually, it’s more efficient to give this task to the automated tools.

You can install the plugin Security & Malware scan by CleanTalk from the WordPress catalog.

WordPress DDoS Protection. How to Mitigate DDoS Attacks

Leave a Reply

Your email address will not be published. Required fields are marked *