#Any recommended resource?

Ya got any good practices for a wordpress site under attack?

I've enabled bot fighting mode but still some traffic goes through targeting xml and cron

He seem to exploit POST forms and other high resource intensive things like the search function.

I put challenge on one thing he goes for the next kinda thing😅

He's using Datacenter IP

?ddos

If you are under a DDoS attack then you can take a look at these threads for first steps and help with mitigation:

• https://community.cloudflare.com/t/under-ddos-attack-first-steps/89476
• https://community.cloudflare.com/t/mitigating-an-http-ddos-attack-manually-with-cloudflare/302366

find a pattern and apply a matching waf rule