WordPress — Abuse & Scraping
Bot traffic, scraping, enumeration — separating real users from resource-eaters.
WordPress 404 errors — separating real broken links from probe traffic and scrapers
You opened your access logs, or your SEO tool, or your hosting dashboard, and the 404 count looks wrong. Hundreds of them per hour. Maybe ten thousand a day on …
Read guide →
WordPress admin-ajax.php under heavy load — finding the action and the caller
Your WordPress site is sluggish. Load average is climbing, PHP-FPM workers are saturated, and every other line in the access log is a POST /wp-admin/admin-ajax.…
Read guide →
WordPress bot traffic — identifying and blocking scrapers using request fingerprints
Your WordPress site is not under attack. Nobody is trying to log in. There is no error in the dashboard.…
Read guide →
WordPress RSS / Atom feeds hammered by scrapers — detection and rate-limiting
You open New Relic, htop, or your hosting panel and CPU is pinned at 90%+. PHP-FPM workers are saturated. The site itself loads, barely. You check access logs a…
Read guide →
WordPress site search overloading the database — detecting ?s= abuse and unbounded queries
Your WordPress site is crawling. TTFB is up to 4–8 seconds. The dashboard feels sluggish, but PHP isn't crashing and Uptime Robot is green. The hosting provider…
Read guide →
