I have a WordPress site that’s been running perfectly since 2016, and then suddenly started having “508 Resource Limit Is Reached” problems in mid-2019. According to Awstats on my hosting cPanel, all the hits were coming from a singe IP address and the page it has been asking for is /wp-admin/admin-ajax.php
It’s not a website that I would expect to suddenly have a huge increase in legitimate visits that would max out the resources, so I’m assuming it’s a Spambot creating a DDOS attack.
I disallowed the IP address via .htaccess, which solved the issue for about a month, then the same issue recurred with a different IP address.
I’ve now blocked 4 IP addresses … but I need a more longterm solution. I’ve had no luck with Googling for a solution, so I’m not sure where to even identify the problem.
Any ideas?
e.g. Would renaming /wp-admin/admin-ajax.php help?