Still having that intermittent “too many requests” error message
Apologies for any inconvenience. It’s not fixed yet, although I’ve been struggling to eliminate it and have tried several suggestions.
Question for the techies among you: Today I was told something new by the host, which is that my own IP number is brute force attacking the site and that’s what sometimes makes it close down for a while for “too many requests.” This seems very odd; anyone have any suggestions as to what this might represent and how to fix it? Thanks.
Ive heard that the problem happens depending how often any particular weblog posts more than say, one post per year on the subject of ballet. Thats why most weblogs studiously avoid the needless subject altogether.
Not sure, but maybe this can help identify what’s going on (How to fix 429 too many requests error in WordPress):
https://www.youtube.com/watch?v=yO5sFogbfF8
Neo:
This is way over my head, so I asked Perplexity dot ai. Of course, you can always do that yourself, but I’ve copied the answer below, so you can see what kind of techno-gibberish you might be getting yourself into.
Also, maybe you could ask your host to respond to the information provided by the Perplexity LLM.
Finally, after responding to your question, it’s standard practice for Perplexity to suggest a short list of follow-ups. I haven’t copied those here, but either you or the staff at your host might want to pursue that.
_____________________________________________________________
QUESTION:
On my blog, my own IP number is brute force attacking the site and that’s what sometimes makes it close down for a while for “too many requests.” This seems very odd; anyone have any suggestions as to what this might represent and how to fix it?
RESPONSE:
What you’re seeing is usually one of three things: a local device or script on your network, a misconfigured plugin/crawler repeatedly hitting your site, or a false positive where your host’s security system is attributing requests to your public IP because that’s the address all your home traffic exits through. A genuine brute-force attack from your own IP is uncommon; it more often means something on your side is hammering the site or your IP is being reused by a VPN/proxy/NAT setup.[1][2]
What to check
Look at the exact requests in your web server logs. If you see repeated login attempts, wp-login.php, xmlrpc.php, admin-ajax.php, or a single page refreshing over and over, that points to a script, plugin, or browser session rather than an outside attacker.[2][1]
Test from another network or device. If the problem disappears, your home IP or one device on your network is likely the source.
Disable browser extensions, automation tools, uptime monitors, backup plugins, or SEO scanners one by one. These commonly cause bursts of requests that trigger “too many requests” limits.[1]
If you use WordPress, check for plugins that make frequent background calls and temporarily disable them to isolate the cause.[1]
Ask your host whether the “brute force” flag is really from repeated logins or just a rate-limit rule. Security systems sometimes label high request volume as brute force even when it isn’t.[3][2]
How to fix it
If it’s your device or script, stop the repeated requests, clear any cached login loops, and remove or reconfigure the offending extension/plugin.
If it’s your home public IP, rebooting your router may change the address if your ISP uses dynamic IPs; otherwise, use a different network or VPN for testing.
If it’s a hosting-side rate limit, ask the host to whitelist your IP for admin access or raise the threshold after you confirm the traffic is legitimate.[3][1]
Add protection such as a WAF/CDN, login rate limiting, CAPTCHA, and fail2ban/CSF-style blocking for true brute-force attempts.[2][3]
Likely explanation
In practice, the most likely explanation is that some automated process on your side is making many requests, and your host is interpreting that as an attack from your IP because that is the source address it sees. The fastest way to confirm is to inspect the request pattern in logs and then test from a different device or network.[2][1]
A good first pass is: check logs, disable plugins/extensions, try another network, then ask your host to show the exact rule or endpoint that triggered the block.[1][2]
?
https://www.veerotech.net/kb/how-to-fix-429-too-many-requests-error/
https://owasp.org/www-community/controls/Blocking_Brute_Force_Attacks
https://support.cpanel.net/hc/en-us/community/posts/19662965020055-Automatically-block-IPs-with-too-many-requests
https://lantern.splunk.com/Security_Use_Cases/Threat_Investigation/Reconstructing_a_website_defacement/IP_address_attempting_a_brute_force_password_attack
https://www.fortinet.com/resources/cyberglossary/brute-force-attack
https://soax.com/blog/what-is-ip-blocking
https://www.reddit.com/r/Wordpress/comments/2qamha/getting_slammed_by_brute_force_attacks_do_you/
https://www.hostiserver.com/community/articles/why-your-address-got-blocked-and-how-to-fix-it
https://forums.docker.com/t/ip-banned-always-getting-too-many-requests-error/146503
https://www.instagram.com/reel/DXt6Vt8kZeY/
Use a content network delivery service. It does two things to relieve your server. It pushes content out to their nodes. A person in Chicago would seamlessly be routed to a data center in Chicago, never touching your server. They are also very good at handling and blocking brute force attacks. CloudFlare is a free good service.
Harry you are wrong , I know nothing about ballet ,but find it fa#cinating ,,I still have the Sports Illustrated with Nureyev in it.
Look at the exact requests in your web server logs.
Cornflour’s list is quite extensive and looks good. I’d start with finding the appropriate windows log file (internet access log?), which may be hidden and require administrator privilege to see and access.
It’s been a very long time since I’ve done any of this, so I’m not sure precisely what it will tell you, though it should confirm if you’re own IP is the culprit. It might also tell you, or infer, which process or thread on your system is causing this problem.
I do not… but I wonder, is this a job for ai? which ai? I like gemini and copilot (though man, is copilot redundant and won’t stop trying to bring previous treads together).