Unsolved A Small Orange - bandwidth limit exceded
-
@Mike-Davis said in A Small Orange - bandwidth limit exceded:
I turned on Hotlink Protection and blocked the top IP. We'll see how that goes.
What did you block with that? I mean blocking the IP, sure, that makes sense if you are sure it is malicious. But there is no hotlinking since you have no images.
-
@Mike-Davis said in A Small Orange - bandwidth limit exceded:
@JaredBusch said in A Small Orange - bandwidth limit exceded:
Or you cold ignore everything you were told when asking for help. Great work!
It's going to take me a minute to set up cloudflare....
But literally, one minute
It's SO fast. I do it every few days. -
I suppose if you don't have an account yet.
-
OK 9 minutes because I didn't have an account. It looks like I'll be able to check back tomorrow to see some analytics.
-
@Mike-Davis said in A Small Orange - bandwidth limit exceded:
OK 9 minutes because I didn't have an account. It looks like I'll be able to check back tomorrow to see some analytics.
You will be able to!
Speaking of which... wow, 110 requests on my almost blank blog page on my home lab. Surprising because I wasn't actually working on it at the time.
-
I thought that CloudFlare would show something in about four hours.
-
Check the cache and security settings, you can adjust some things to reduce threats. Also, if you are running WordPress, install the CloudFlare plugin for even more benefits.
-
I am really surprised no one recommended renaming the admin page! That alone cuts way down on blind bruteforce attacks.
Not to mention you could also add CAPTCHA
-
There are also plenty of FREE plugins that do this with one click.
https://wordpress.org/plugins/rename-wp-login/
https://wordpress.org/plugins/protect-wp-admin/
Wordfence also lets you do this and restrict IPs to the admin page.
-
@IRJ said in A Small Orange - bandwidth limit exceded:
There are also plenty of FREE plugins that do this with one click.
https://wordpress.org/plugins/rename-wp-login/
https://wordpress.org/plugins/protect-wp-admin/
Wordfence also lets you do this and restrict IPs to the admin page.
@IRJ Thanks for the tip on renaming the wp-login. I just added that.
-
I got my first round of Analytics from CloudFlare, and I'm not sure where to look.
This doesn't look right:
Top Traffic Origins
Last 24 Hours
Country Traffic
Italy 9,439
United States 6,841
Netherlands 2,145
Germany 883
Poland 826 -
I installed the CloudFlare wordpress plug-in.
-
@Mike-Davis said in A Small Orange - bandwidth limit exceded:
I installed the CloudFlare wordpress plug-in.
This part should be your biggest helper in dealing with bandwidth exceeded.
-
Also check out the listed threats. That'll help.
-
Does this much traffic for a tiny seem out of the ordinary?
-
@scottalanmiller said in A Small Orange - bandwidth limit exceded:
Also check out the listed threats. That'll help.
This?
-
@Mike-Davis Yeah, but I guess that isn't telling us much here.
-
Are you still getting constant hits on the admin page?
-
I think renaming that admin portal would be smart. A simple way to protect against that part of the traffic. And it will make it easier to find what else might be a target once that is moved.
-
@IRJ said in A Small Orange - bandwidth limit exceded:
Are you still getting constant hits on the admin page?
I renamed the admin page with the plug in. I'm still getting hammered, but I don't understand how. The bandwidth hasn't gone down since I went to CloudFlare or renamed the admin page. What should I look at next?
