When I activate under attack mode I see too many requests (filtering service: security level) under the path /wp-content/uploads/, sometimes up to 8, 10 times per second from the same IP.
Those images paths are valid, for example /2021/03/31-3.jpg or in the same second /2020/10/B4-21-100-780x470.jpg. Some times are old images, this was logged yesterday
Several IPs shows same behavior, several times a day
My question is, is this normal ? (doesn’t seem to be), and if not, how can I control it, I just can’t keep adding firewall rules since those IP will change.
That you for any help on the matter.