Limiting bad traffic to wordpress website?

[xata11]

I am having high load on one of my website, I find out that some specific Ip(s) has been hitting the homepage of my site /index.php, I am running wp and wordfence is installed, I also have attack on my login page which wordfence has tried to limit the number of login attempt to my wp-login.php page. now my index.php is heavily hitted, is there anyway to limit ip that is requesting for my login page for than 2 times.

Please help me out, its really causing me issues, I have csf installed. I also have root access to this server.

 

[cPanelMichael]

Hello @xata11,

You can find a thread on this topic at:

CSF WordPress wp-login.php block attempts

Thank you.

 

[xata11]

How to i temporarily block ip address requesting for a page more than X time.

 

[cPanelMichael]

How to i temporarily block ip address requesting for a page more than X time.

Hello @xata11,

There's a CSF forums thread you may find helpful located on the link below:

Blocking Wordpress Login and xmlprc attacks with LFD - ConfigServer Community Forum

Thank you.

 

[xata11]

I specifically mean to temporarily block ip address requesting for a page more than X time. I am refering to any url of my website not the wp-login page

 

[cPanelMichael]

Hello @xata11,

I don't have a specific custom CSF rule to provide, but you may find the settings referenced on a third-party guide like the one below to be helpful for overall attack detection/blocking:

Basic DoS/DDoS Mitigation with the CSF Firewall

Thank you.