More threads by DiWiT

DiWiT

Member
Joined
May 2, 2019
Messages
1
Reaction score
0
Hi,

I am seeing lots of requests like this on my wordpress site:
Request
POST[443]:/wp-admin/admin-ajax.php
User agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 OPR/56.0.3051.116
HTTP headers
HTTP_REMOTE_IP=197.XX.XX.XX,HTTP_FORWARDED=for=145.YY.YY.YY; proto=https; host=www.xyz.es,HTTP_X_REMOTE_PROTO=https,HTTP_X_REMOTE_IP=145.YY.YY.YY,HTTP_X_REMOTE_PORT=33714,HTTP_X_FORWARDED_PROTO=https,HTTP_X_FORWARDED_PORT=443,HTTP_REF…
$_POST data
action=kksr_ajax,id,stars,_wpnonce

From many different countries.

I use the “KK Star Ratings” plug-in, but even with it disabled and the plug-in folder in wp-plugins removed, the requests keep coming in.

Are these legit requests or is this some kind of attack? How can I know if the attacks are successful or not? And most importantly, how can I stop these requests from being counted by my Google Analytics reports? (I currently have the “IP Geo Block” plug-in with lots of countries blocked, but the Google Analytics stats are still showing a crazy number of visits to my site).

Thanks!
 

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

LocalU Event

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...
Top Bottom