
Issue: For the past 3 days, getting a lot of spam traffic from the US. How to block?

apache123456

New Pleskian
Before I go ahead, let me mention a couple of things.

I have a dedicated server with CentOS 7, Plesk Onyx Web Pro Edition with Firewall, Fail2Ban & ModSecurity switched ON, and nginx as my main web server (not using Apache).

For the past 3 days, all of a sudden there was a spike in traffic, and it was showing as coming from the USA in Google Analytics. First I was happy, but then I noticed there was no increase in server load, there was no increase in revenue, and the bounce rate started going up. These were clear signs of an attack or bot traffic.

I tried searching for a solution, and each time I Google it I always end up on sites mentioning ghost spam, which I think could be the reason here, as the site is under no load and it's just GA, or maybe I am wrong. Anyway, I followed the article and found that there are no spam hostnames at all; most of the traffic shows my own domain itself as the hostname, and it's mostly showing as direct traffic.

Then I installed the Wordfence Security plugin, but it worked for a day only. Then I set up Cloudflare with "I'm Under Attack" mode and a firewall filter of known bots; it's blocking IPs, but there is no change in real-time traffic.

I've used the WordPress Toolkit security features, but that didn't work either.

Tried an nginx bad bot block article, and that didn't work either!

I'm really worried now, and I'm not sure whether I'll lose rankings or what, but this is really harmful for the site.

Any help is really appreciated.
 
Start by inspecting your server's mail log, which is available at '/var/log/maillog'.

Inspect your current mail queue too, Tools & Settings -> Mail Server Settings -> Mail Queue tab.
 
> most of the traffic shows my own domain itself as the hostname, and it's mostly showing as direct traffic.

This is a bit suspicious. It might be that the server, in its logs, has its own IP instead of the real customer's one; as a result, fail2ban and ModSecurity might just not work properly. There are different possible causes, though:

1. This is to be checked:
The client IP address is not shown in the global Apache logfile on CentOS
Apache server-wide access log shows server IP address instead of visitor's IP address on a Plesk server

2. You might also have Cloudflare IPs in the logs instead of the real ones:
How to install mod_cloudflare using plesk, not through the extension please through ssh

Also, if you can post several entries from the access_log for Apache/nginx showing what this traffic looks like, it might help to understand how to block it.
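As an added illustration of the check described in this reply (not code from the thread or from Plesk), the script below parses a few constructed nginx access_log lines in the default "combined" format and reports whether one address dominates the log and whether that address is the server's own IP. The server address 203.0.113.10, the sample lines, and the 80% dominance threshold are all assumptions made up for the example; when the dominant "client" is the server itself (or a proxy such as Cloudflare), fail2ban and ModSecurity have nothing meaningful to ban, which is the situation the reply warns about.

```python
import re
from collections import Counter

# Placeholder for the Plesk server's own public address (assumption for this example).
SERVER_IP = "203.0.113.10"

# Constructed nginx access_log sample in the default "combined" format.
# Five requests carry the server's own address as the client IP, which is the
# symptom discussed above; one request carries a genuine visitor address.
SAMPLE_LOG = """\
203.0.113.10 - - [12/Jun/2018:10:01:02 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/66.0"
203.0.113.10 - - [12/Jun/2018:10:01:03 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/66.0"
203.0.113.10 - - [12/Jun/2018:10:01:03 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/66.0"
203.0.113.10 - - [12/Jun/2018:10:01:04 +0000] "GET /?utm_source=spam HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/66.0"
203.0.113.10 - - [12/Jun/2018:10:01:05 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/66.0"
198.51.100.7 - - [12/Jun/2018:10:01:09 +0000] "GET /about/ HTTP/1.1" 200 4096 "https://example.com/" "Mozilla/5.0 (X11; Linux x86_64) Firefox/60.0"
"""

# One regex for the nginx "combined" log format:
# $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)


def parse_log(text):
    """Return one dict per parseable log line; unparseable lines are skipped."""
    entries = []
    for line in text.splitlines():
        match = LINE_RE.match(line)
        if match:
            entries.append(match.groupdict())
    return entries


def analyse(entries, server_ip, dominance=0.8):
    """Summarise who the log thinks the clients are.

    client_ip_lost is True when the most frequent client address is the
    server's own address and it accounts for at least `dominance` of all
    requests: in that state per-IP blocking (fail2ban, firewall) cannot work
    because every visitor looks the same.
    """
    if not entries:
        return {"total": 0, "client_ip_lost": False}
    ips = Counter(e["ip"] for e in entries)
    agents = Counter(e["agent"] for e in entries)
    top_ip, top_count = ips.most_common(1)[0]
    share = top_count / len(entries)
    return {
        "total": len(entries),
        "top_ip": top_ip,
        "top_ip_share": round(share, 3),
        "client_ip_lost": top_ip == server_ip and share >= dominance,
        "top_agent": agents.most_common(1)[0][0],
        # "-" as referer is what GA would report as direct traffic
        "direct_hits": sum(1 for e in entries if e["referer"] == "-"),
    }


def report(text, server_ip=SERVER_IP):
    summary = analyse(parse_log(text), server_ip)
    for key, value in summary.items():
        print(f"{key:>15}: {value}")
    if summary.get("client_ip_lost"):
        print("Log shows the server's own IP as the client: fix real-IP logging "
              "(mod_cloudflare / nginx real_ip) before tuning fail2ban rules.")
    return summary


if __name__ == "__main__":
    report(SAMPLE_LOG)
```

Run it against the first few hundred lines of the real access_log instead of SAMPLE_LOG; if top_ip_share is near 1.0 and top_ip is the server (or a Cloudflare) address, the blocking tools are seeing the wrong address and the logging needs to be fixed first, as the reply suggests.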
 