{"id":36661,"date":"2022-04-16T15:00:01","date_gmt":"2022-04-16T13:00:01","guid":{"rendered":"https:\/\/qodeinteractive.com\/magazine\/?p=36661"},"modified":"2022-04-18T09:23:54","modified_gmt":"2022-04-18T07:23:54","slug":"how-to-protect-your-wordpress-website-from-ddos-attacks","status":"publish","type":"post","link":"https:\/\/qodeinteractive.com\/magazine\/how-to-protect-your-wordpress-website-from-ddos-attacks\/","title":{"rendered":"How to Protect Your WordPress Website from DDoS Attacks"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_column_text]Online security is a job on its own, and, in large corporations, there are specialized IT professionals who take care of all of its important aspects. However, even if you are a one-man show running a personal blog, there are steps you can take to improve your website\u2019s security.<br \/>\n[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]In this article, we will be showing you how to safeguard your WordPress website from DDoS attacks. But let us take a step back: what are WordPress DDoS attacks, and how can they harm your website? We will answer these questions before we get to the how-to.<br \/>\n[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]Here\u2019s what we\u2019ll be discussing:<br \/>\n[\/vc_column_text][vc_empty_space height=&#8221;22px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#what-is-a-ddos-attack\">What Is a DDoS Attack<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;5px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#how-does-a-ddos-attack-harm-my-website\">How Does a DDoS Attack Harm My Website<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;5px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#why-do-ddos-attacks-happen\">Why Do DDoS Attacks Happen<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;5px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#protection-from-ddos-attacks-by-disabling-the-rest-api\">Protection from DDoS Attacks by Disabling the Rest API<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;5px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#protection-from-ddos-attacks-by-disabling-xml-rpc\">Protection from DDoS Attacks by Disabling XML-RPC<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;5px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#how-to-use-the-defender-security-plugin-against-ddos-attacks\">How to Use The Defender Security Plugin Against DDoS Attacks<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;5px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#protection-from-ddos-attacks-using-a-firewall\">Protection from DDos Attacks Using a Firewall<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;5px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#when-all-else-fails-revert\">When All Else Fails \u2013 Revert<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;80px&#8221;][vc_widget_sidebar sidebar_id=&#8221;new-top-picks-banner&#8221;][vc_empty_space height=&#8221;80px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\"><a id=\"what-is-a-ddos-attack\"><\/a>What Is a DDoS Attack<\/h2>\n<p>[\/vc_column_text][vc_empty_space height=&#8221;21px&#8221;]<div class=\"qodef-single-image-holder    \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"969\" height=\"553\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/What-Is-a-DDoS-Attack.jpg\" class=\"attachment-full size-full\" alt=\"What Is a DDoS Attack\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/What-Is-a-DDoS-Attack.jpg 969w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/What-Is-a-DDoS-Attack-300x171.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/What-Is-a-DDoS-Attack-768x438.jpg 768w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/What-Is-a-DDoS-Attack-620x354.jpg 620w\" sizes=\"auto, (max-width: 969px) 100vw, 969px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]<strong>DDoS stands for <em>Distributed Denial of Service<\/em>.<\/strong> It is an advanced form of DoS, or denial of service attack: a form of attack whose purpose is to disrupt the normal traffic of a website, server, service, or network.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]DDoS is distributed by virtue of the attack being carried out by <strong>a network of devices (a botnet) a bad actor uses<\/strong> in order to perform the action. The fact that an attack is distributed across a network makes it harder to detect and block.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]The attack itself works by overwhelming the capacity of a server: as it struggles to handle the flood of requests, it slows up or crashes, unable to service them all.<br \/>\n[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\"><a id=\"how-does-a-ddos-attack-harm-my-website\"><\/a>How Does a DDoS Attack Harm My Website<\/h2>\n<p>[\/vc_column_text][vc_column_text]Firstly, it <strong>makes your website run slow or crashes it<\/strong>. This is a very real and distinct adverse effect on your visitors\u2019 user experience and your traffic. If you are running an online store, you may end up <strong>losing sales<\/strong>, while if you are hosting content,<strong> your visitors will go elsewhere<\/strong> to get it.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]Secondly, you can <strong>lose your reputation with search engines and customers<\/strong>. A website which can\u2019t be reached when needed will be shunned by potential return visitors, while SEO metrics such as authority, trust and relevance can also be affected.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]Finally, <strong>it can cost you to undo the damage<\/strong> done, especially if you need to hire support staff or invest in a cybersecurity solution.[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\"><a id=\"why-do-ddos-attacks-happen\"><\/a>Why Do DDoS Attacks Happen<\/h2>\n<p>[\/vc_column_text][vc_empty_space height=&#8221;21px&#8221;]<div class=\"qodef-single-image-holder    \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"969\" height=\"553\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Why-Do-DDoS-Attacks-Happen.jpg\" class=\"attachment-full size-full\" alt=\"Why Do DDoS Attacks Happen\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Why-Do-DDoS-Attacks-Happen.jpg 969w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Why-Do-DDoS-Attacks-Happen-300x171.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Why-Do-DDoS-Attacks-Happen-768x438.jpg 768w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Why-Do-DDoS-Attacks-Happen-620x354.jpg 620w\" sizes=\"auto, (max-width: 969px) 100vw, 969px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]There are plenty of reasons why <strong>you may become a target of a WordPress DDoS attack<\/strong>. For instance, some bad actors may subject your website to a DDoS attack in hopes of <strong>extracting money from you<\/strong> in order to make the attack stop.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]Or, you may be hosting content somebody finds <strong>politically controversial<\/strong> to the point that they will lash out to discredit your website for political reasons.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]Finally, your <strong>competitors may want to attempt to harm or discredit your website<\/strong> and decide to hire a hacker to do it using a DDoS attack.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]As you can see, nobody is fully safe from unscrupulous hackers and may be subject to this kind of attack for no particular reason. With that out of the way, let\u2019s take a look at some of the ways you could protect yourself.<br \/>\n[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\">Increase Bandwidth<\/h2>\n<p>[\/vc_column_text][vc_column_text]If you can afford to<strong> increase bandwidth<\/strong> by upgrading to a better plan with your or another hosting provider, doing so might keep you safe from DDoS attacks. After all, all a DDoS attack does is hog your bandwidth. If your bandwidth capacity surpasses the attacker\u2019s ability to flood your website with requests, the attack will be ineffective. But this does nothing in terms of defending from the attack itself.[\/vc_column_text][vc_empty_space height=&#8221;72px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\">Use a CDN<\/h2>\n<p>[\/vc_column_text][vc_column_text]A CDN, or Content Delivery Network, is a network of servers which ensures that the server closest to the request maker gets the request. While primarily designed to reduce latency (improve loading times), <a href=\"https:\/\/qodeinteractive.com\/magazine\/what-is-a-cdn\/\">using a CDN can have certain benefits<\/a> with regards to protecting your website from DDoS attacks.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]A CDN protects you from a DDoS attack by effectively employing the same tactics as a botnet operator: it distributes the requests among multiple servers, making sure your website doesn\u2019t get overwhelmed. Luckily, there are plenty of <a href=\"https:\/\/qodeinteractive.com\/magazine\/best-wordpress-cdn-services\/\">CDN providers<\/a> to choose from.[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\">Use Server-Level DDoS Protection<\/h2>\n<p>[\/vc_column_text][vc_column_text]Some <strong>hosting providers offer DDoS protection<\/strong> as part of the package deal you are currently using, meaning you might already have some protection. Others may offer it as an additional paid service, or as part of a different package. Choose a hosting provider willing to protect you from DDoS attacks if one is available, or switch to a package with DDoS protections if you can afford it.<br \/>\n[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\"><a id=\"protection-from-ddos-attacks-by-disabling-the-rest-api\"><\/a>Disable the Rest API<\/h2>\n<p>[\/vc_column_text][vc_column_text]The Rest API is a feature of WordPress which allows plugins and developer tools to access your WordPress data and edit or delete your WordPress content. While it is undeniably useful (essential, even) for normal functioning of WordPress, it represents an avenue of access for hackers. Disabling it will close this avenue off.<br \/>\n[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]There are at least two ways of <a href=\"https:\/\/qodeinteractive.com\/magazine\/how-to-disable-rest-api-in-wordpress\/\">disabling the JSON Rest API<\/a>: using a plugin such as <a href=\"https:\/\/wordpress.org\/plugins\/disable-wp-rest-api\/\" target=\"_blank\" rel=\"noopener\">Disable WP REST API<\/a> or by adding code to your <em>functions.php<\/em> file. Note, though, that flat-out disabling Rest API will prevent you from editing or publishing your posts in case you are using Gutenberg, and may cause issues with certain other plugins or functionalities. Read more on avoiding these issues in our article linked above.[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\"><a id=\"protection-from-ddos-attacks-by-disabling-xml-rpc\"><\/a>Disable XML-RPC<\/h2>\n<p>[\/vc_column_text][vc_column_text]XML-RPC is a system which allows third-party apps to access your website. It is not used very often, but it can present a back door to your website. It is not very difficult to <strong>disable XML-RPC for your website<\/strong>: you can do it quickly and easily by <a href=\"https:\/\/qodeinteractive.com\/magazine\/find-htaccess-file-on-wordpress-site\/\">locating the <em>.htaccess<\/em> file<\/a> and adding the following code to it:[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\">&lt;Files xmlrpc.php&gt;\r\norder deny,allow\r\ndeny from all\r\n&lt;\/Files&gt;<\/pre>\n<p>[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]Note that this will prevent you from using the WordPress app on your mobile device from accessing your website (which is used by a small minority of users anyway).[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\"><a id=\"how-to-use-the-defender-security-plugin-against-ddos-attacks\"><\/a>Using The Defender Security Plugin<\/h2>\n<p>[\/vc_column_text][vc_column_text]The above actions, as well as certain other useful security practices, do not come in-built with WordPress. You can add these tools to your security toolbox by installing a plugin, and the plugin we recommend is the <a href=\"https:\/\/wordpress.org\/plugins\/defender-security\/\" target=\"_blank\" rel=\"noopener\">Defender Security<\/a> plugin.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]After <a href=\"https:\/\/qodeinteractive.com\/magazine\/how-to-install-a-wordpress-plugin\/\">installing and activating the plugin<\/a>, access its security controls by navigating to <strong>Defender<\/strong> from your WordPress dashboard.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"969\" height=\"518\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Defender.jpg\" class=\"attachment-full size-full\" alt=\"Defender\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Defender.jpg 969w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Defender-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Defender-768x411.jpg 768w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Defender-620x331.jpg 620w\" sizes=\"auto, (max-width: 969px) 100vw, 969px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]In order to use the plugin, you will need to configure it. Click the <strong>Activate &amp; Configure<\/strong> button to begin.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"970\" height=\"531\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Activate-Defender.jpg\" class=\"attachment-full size-full\" alt=\"Activate Defender\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Activate-Defender.jpg 970w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Activate-Defender-300x164.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Activate-Defender-768x420.jpg 768w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Activate-Defender-620x339.jpg 620w\" sizes=\"auto, (max-width: 970px) 100vw, 970px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]The plugin will go through the configuration process automatically. Once it is done, click the <strong>Finish<\/strong> button.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"969\" height=\"498\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Finished.jpg\" class=\"attachment-full size-full\" alt=\"Finished\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Finished.jpg 969w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Finished-300x154.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Finished-768x395.jpg 768w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Finished-620x319.jpg 620w\" sizes=\"auto, (max-width: 969px) 100vw, 969px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]You will then be taken to the plugin\u2019s main screen. There is a lot of different sections here, but your main concern should be the <strong>Recommendations<\/strong> section. Click the <strong>View All<\/strong> button to access it.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"969\" height=\"518\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Security-View-All.jpg\" class=\"attachment-full size-full\" alt=\"Security View All\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Security-View-All.jpg 969w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Security-View-All-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Security-View-All-768x411.jpg 768w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/Security-View-All-620x331.jpg 620w\" sizes=\"auto, (max-width: 969px) 100vw, 969px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]Of the two main vulnerabilities described, you will be able to disable both the Rest API (shown as the<strong> Disable the file editor<\/strong> control) and XML-RPC using the <strong>Disable XML-RPC<\/strong> control. You can either use the <em>Bulk Actions<\/em> drop-down menu to accept all recommendations, or go from option to option, clicking each in turn and clicking the requisite button.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"969\" height=\"529\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/XML-Disable.jpg\" class=\"attachment-full size-full\" alt=\"XML Disable\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/XML-Disable.jpg 969w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/XML-Disable-300x164.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/XML-Disable-768x419.jpg 768w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2022\/04\/XML-Disable-620x338.jpg 620w\" sizes=\"auto, (max-width: 969px) 100vw, 969px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]We encourage you to explore the plugin\u2019s other safety features, such as <a href=\"https:\/\/qodeinteractive.com\/magazine\/wordpress-two-factor-authentication\/\">two-factor authentication<\/a> and login page masking.[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\"><a id=\"protection-from-ddos-attacks-using-a-firewall\"><\/a>Install a Firewall<\/h2>\n<p>[\/vc_column_text][vc_column_text]You may also <strong>prevent DDoS attacks by employing a firewall<\/strong>. There are several good solutions on our <a href=\"https:\/\/qodeinteractive.com\/magazine\/best-firewall-plugins-for-wordpress\/\">list of best firewall plugins<\/a> for WordPress, and Defender, described above, also has its own firewall feature, though, to fully leverage it, you need to upgrade to the full version of the plugin.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]If you don\u2019t want to upgrade the Defender plugin, you can simply select one of the plugins from our list (making sure it has a DoS\/DDoS protection feature) and activate it. Some plugins will also allow you to ban specific IP addresses if the owners of those addresses persist in attempting to harm your website using a DDoS attack. If a firewall affects regular website functioning, which some firewalls can do, consult the plugin\u2019s developer.[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\">Blacklist Suspect IP Addresses<\/h2>\n<p>[\/vc_column_text][vc_column_text]This step is connected to the above: persistent hackers who continue to operate repeatedly from the same few IP addresses can be <strong>blocked using certain firewall plugins<\/strong>, but there are other ways of <a href=\"https:\/\/qodeinteractive.com\/magazine\/wordpress-block-ip-address\/\">blocking suspicious IP addresses<\/a> from your website. This, however, is a broad topic which merits its own article, and you can (and should) get our take from the article linked in this section.[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\"><a id=\"when-all-else-fails-revert\"><\/a>When All Else Fails \u2013 Revert<\/h2>\n<p>[\/vc_column_text][vc_column_text]There is a chance that <strong>you have created a vulnerability<\/strong> by installing an unsafe plugin or theme. In that case, you might be able to protect yourself from DDoS attacks and remove the vulnerability if you <strong>revert to your website\u2019s latest working version<\/strong>.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]There are plenty of ways to <a href=\"https:\/\/qodeinteractive.com\/magazine\/how-to-manually-backup-wordpress-website\/\">manually or automatically back up your website<\/a>, but they are not the subject of this article. Still, it bears mentioning that reverting to a previous version of the website may remove the vulnerability until such time as you or your staff can fix it..[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\">In Conclusion<\/h2>\n<p>[\/vc_column_text][vc_column_text]As you can see, there is a lot you can do to protect your website from DDoS attacks. Take these simple extra steps to improve your security and make your website continually accessible for your customers and other visitors.<br \/>\n[\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Improve security and user experience by safeguarding your WordPress website from DDoS attacks: we will show you how!<\/p>\n","protected":false},"author":16990,"featured_media":36726,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[34,4,13],"class_list":["post-36661","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-resources","tag-security","tag-tips","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts\/36661","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/users\/16990"}],"replies":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/comments?post=36661"}],"version-history":[{"count":0,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts\/36661\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/media\/36726"}],"wp:attachment":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/media?parent=36661"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/categories?post=36661"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/tags?post=36661"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}