Hi,
We had an increase in traffic to our site, which increased our CPU usage over the limit.
Investigating further, we found via Cloudflare that `/wp-json/wpdiscuz/v1/update` was getting pinged by the thousands from many different IPs.
So I disabled the live comment bubble entirely and cleared the cache but the requests kept coming. I then enabled the "I am under Attack" function via Cloudflare and it started mitigating all of those requests.
I then deactivated the wpDiscuz plugin and the requests are still coming in.
Is this an attack or is there something I am missing regarding the plugin?
Thanks and regards,
Tug
I did that:
I disabled the live comment bubble entirely and cleared the cache but the requests kept coming. I then enabled the "I am under Attack" function via Cloudflare and it started mitigating all of those requests.
I then deactivated the wpDiscuz plugin and the requests are still coming in.
I'm curious if those requests should still come in after deactivating the plugin. Is that normal behavior or is this an attack? It has been 24 hours and the requests are still coming in and the plugin is still deactivated.
Thanks!
Just to give an update, I added a custom rule to Cloudflare for /wp-json/* to use a JavaScript challenge. Is there anything wrong with doing that or should that be fine?
his is likely just a cache issue. Please clear all caches before checking.
If you deactivate the wpDiscuz plugin, it will stop sending any requests.
Yeah, so I deactivated the plugin, cleared all cache, and got hit with thousands every 24 hours.
I now have it activated with the comment bubble on and I see on Cloudflare that there were 71.83K hits to /wp-json/wpdiscuz/v1/update in the past 24 hours.
Is this normal behavior?
This depends on various factors, such as the settings you’ve configured for the bubble, the number of visitors to your website, and more. Unfortunately, there isn’t a definitive answer to this question.
Gotcha. Thanks for the insight; I appreciate it. I have attached the settings for the comment bubble.
With the comment bubble settings, should we be getting any requests to /wp-json/wpdiscuz/v1/update? So far, the hits remain unchanged.
All cache has been cleared.
I also want to note that the hits are coming from different IP addresses. I can list them if you would like.
The developers will add a new option. It monitors user interactions with the website and sends live updates accordingly. Once the new version is ready (no ETA yet), please check it and let us know how it works. It should function fine.
