Hi … recently switched from a custom design to WordPress…
Someone keeps sending huge number of requests to my site, all requests from same country, but I cannot ban that country because many visitors to my site are from there… I tried to block IP, but it is constantly change… Now I use Rate Limiting… But for how long did I use it… Attack never stops and I don’t know why this attack goes to the organ and not to the cache. I use WP Fastest Cache Premium.
Super bot fighting mode would catch this on the behavioral protection. If SBFM is not an option for you, I suggest reading the guide.
After you do that, if you still face problems, I’d advise giving us the following:
Plan that you are subscribed to.
List of deployed firewall rules.
List of deployed page rules.
Photo of the analytics (especially the WAF section) and detailed random sample data of blocked/challenged events.