I am wondering if anyone can help me more than the support has done so far. Here is my "problem":
In August, I started having regular 500 error messages, and having a hard time loading my site. I contacted support through a help ticket on August 21st.
My issue usually affected only one of my sites, but occasionally would affect all of them.
I was told I was experiencing a temporary IP block, and got a link for information on that.
Then I was told I was getting 500 errors due to "excessive server resource usage".
Then, I was told that "It is possible that the 500 Internal Server Error is being caused by brute force attacked or unnecessary hits on the following." and I get numbers like 15K hits, and 4k hits, and so on, while my site, at peak traffic, gets about 100 visits a day. So I am asked to install a CAPTCHA (even though I already have one for login, lost passwords and comments).
Twice along the way, my site goes wonky and requires a restore from a backup (which probably does not help the resource usage).
I am asked to make sure all the software is updated, and I do.
I am asked to optimize my database, and I do.
I am asked to add code to block the xmlrpc.php attack, which I do, but then I lose the functionality of "Windows Live Writer", which I use regularly.
Then, I started getting Mail Delivery Failure messages indicating that my email account had been hijacked. I changed the password and it got fixed (one good thing).
It was suggested that I use SPF, which I was never able to set up, although the password change did the trick.
After that, my login.php was attacked, and a SECOND captcha was installed by the host (now my members have 2 captchas to go through to log in).
I asked that it be removed (since I already have one) and they did.
By Sept 15, I am told that the usage is still high (after all the precautions and changes I made). They conclude that my site is popular and growing and I might want to consider a Managed Shared Hosting, but I rarely have 100 visitors a day. FAR from enough for a dedicated server, so something else is going on. In fact, over 2014, I have seen a DECREASE in traffic, not an increase.
On Sept 19, they notice a huge attack on the admin-ajax.php. And then, everything got inaccessible. I needed to make a phone call to be told that my IP had been blocked by the firewall. I got that fixed.
This has taken weeks and by Oct 22nd, I am told that the usage is within acceptable limits.
One week later, the problems restarted with 500 error messages.
They located some attack on the admin-ajax.php page so they blocked the admin-ajax.php page from being accessed.
Noticing some cron-job mentions in the domlogs, they disabled the "/wp-cron.php" cron AND added the captcha again on the login page (so I have 2). I still asked them to remove theirs to keep the first one.
I am given several suggestions:
- do not use "Admin" as username: I was not.
- use a good password: I am using a strong one
- installing a plugin to limit the number of login attempts: I already had one of the suggested plugins
Again, it is suggested that I consider upgrading my hosting plan because my site must be popular (I just wish!)
However, blocking the admin-ajax.php has caused more issues: not being able to update plugins, not being able to load the visual editor of my theme, etc. Basically having a non-functional site. I had to mark that code in the .htaccess file to get my functionalities back.
This week, the usage was still not down and they blocked some IPs for me in the .htaccess and RE-ADDED the captcha to help AND suggested upgrading my hosting (WHICH I DON'T NEED).
Yet, as of yesterday, I was STILL getting a 500 error, and high usage stats.
I tried to install CloudFlare (from a suggestion of a programmer friend) and somehow, I can't seem to get it working: I get an email saying everything is set up, but then I get an error message that it is not.
All this has been taking 3 months, and it seems that the problem is still not fixed. My members are emailing me that they get error messages, and that they have to go through a weird captcha (while mine was cute). And tonight, I try to call and of course, the business hours are over for the week, so I can only hope for something else by Monday.
I don't know what to think. I am asked to go through loops, and I do, but it does not solve the problem. WHY NOT?
Does anyone possibly have another explanation (and solution) for this that might have just escaped the support staff? Maybe something too simple or too obvious?
I am at a loss and am losing patience too.