How do I bypass WordPress 404 handling?

If you have a non-static request like:

example.tld/some-slug/

then you will need to run WordPress to see if that slug is available.

The webserver (nginx/apache) doesn’t know that, because WordPress will have to inform us about that through the 404 response header.

If your site has only few pages, then you could tell the webserver about it beforehand.

I don’t know if there exists any webserver modules that can store the existing WordPress sitemaps (on disk or memory) to pre-check for possible 404 errors.

If this slug doesn’t exists and you get thousands of requests on that slug, then you might try to cache the 404 response.

There are cache plugins out there that can do that.

But that might not be so useful if the attack consists of random slugs:

example.tld/azwc/
example.tld/eldw/
example.tld/tpwh/
...

Then you could block the IP address, but most likely there are thousands of IP addresses as well.

Then you might try services that collect and block large number of bad IP addresses.

Any way, you should try to trim down your 404.php page.

The defense might depend a lot on what kind of attack requests you’re getting.

Related Posts:

  1. 404 errors in log showing urls with ‘GET’, plus and numerical code
  2. External page integrated into WordPress returns a 404 error
  3. WordPress Theme’s 404.php not found, server defaults to Apache’s own 404 page
  4. get_the_ID() gives notice in 404 page
  5. How to open the 404 page in the Theme Customizer preview?
  6. Does WordPress contain “default” anti-SQL injection code that responds with a 404 error?
  7. Feed 404 Errors
  8. REST API: No route was found matching the URL and request method
  9. Detect 404 before headers are sent
  10. Non “WordPress” pages/code getting 404 error
  11. 404 error on all pages but homepage
  12. Why am I sometimes getting a 404 error when I try to update a page with Elementor?
  13. Where is the best part to hijack or catch a potential 404
  14. Why does my WordPress show a 404 message for 403 forbidden directories?
  15. “Lost password” page triggers 404
  16. $error = 404 after caught add_rewrite_rule
  17. WP Rest API not working
  18. Why is my Javascript console showing a 404 error for a file called “null” on a clean WordPress install?
  19. Conditional for 404 page not work
  20. Getting a 404 in Debugger for example.com/wp-admin/Array?
  21. oEmbed 404 errors when trying to use embed block
  22. 404 after moving localhost wp to server
  23. Intermittent 404 errors, rewrite rules, and BBPress
  24. Template redirect template loaded, but the header 404
  25. Getting 404s on New Pages
  26. index2.php in root causing 404 error
  27. Custom 404 page for dashboard
  28. wp-tinymce.php 404
  29. WordPress.org support topics returning 404 [closed]
  30. Display child pages on parent page: 404 message overrules shortcode in page
  31. How can I prevent non-existing wordpress pages from getting redirected to home page
  32. Getting 404 error on my wp rewrite error
  33. redirect deleted / drafted pages
  34. 404 error on dynamic stylesheet creation
  35. Why do I have a weird rendering issue only on 404.php caused by wp_nav_menu?
  36. How to fix: “The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.”
  37. WordPress refuses to read the .htaccess file and gives a 404 for sub-pages
  38. Page not found – Wamp green, phpmyadmin working
  39. WordPress 404 errors for old plugin files via Google Bot
  40. WPML – 404 Error when I try to pass GET parameters in my “different languages in directories” installation
  41. How to use wp_footer() on a 404 page?
  42. How to direct user to actual 404 page when a check is false in single.php?
  43. Is the 404 page the same as “well this is embarrasing” page?
  44. Some users getting a 404 when previewing draft posts/pages
  45. WordPress Installation in Subfolder only works half
  46. 404 error when calling php
  47. How do I redirect a permalink for a Draft post to a custom 404 page?
  48. Link to WP-CONTENT not working
  49. Scheduling publish of a new version of existing page results in 404
  50. Multiple 404.php templates based on a post_type
  51. List all WordPress key words
  52. Site migration from Localhost to Server – 404 errors
  53. returning 404 page error on form submission [duplicate]
  54. How to fix 404 page error on theme
  55. WordPress broken after vhosts setup
  56. Site is working but we got 404 not found error in wordpress
  57. Lots of 404 errors of pattern /null&rand=. Why?
  58. why I get a lot of 404 not found links via Google search console and how to fix them?
  59. Why am I getting Intermittent 404 pages on a sub domain with WordPress?
  60. 404 error when I tried to use author slug in url
  61. Please Help me with this 404 error
  62. Could use some help moving site to subdirectory, what am i doing wrong?
  63. WordPress 404 all pages except home
  64. WordPress Admin page Error 404
  65. How to customize file path for 404 redirection in php?
  66. WordPress Inner pages giving 404 Error after shifted to new server
  67. Since moving HTTPS using cloudflare, the admin and login pages no longer work
  68. Pages counts are showing in WordPress backend but pages shows 404
  69. 404 on CSS and JS only on Homepage
  70. fix slugs containing invalid characters?
  71. Getting a Error 404 Not Found on subcategory
  72. 404 Page not found error after adding ‘s’ in ‘http’ in Settings
  73. https images not displaying
  74. 404 Errors on Every Page (Including Homepage) After Migrating From IIS to Apache
  75. Custom Rest API namespace and endpoints are responding with 404 & 503 errors
  76. My question:When I started my website, the “page not found” error always came up
  77. Homepage URL showing a 404 error
  78. Random 404 on any page
  79. Error 404 when saving or previewing one specific page [closed]
  80. 404 Page not Displaying
  81. Exclude from wp_list_pages by template
  82. new post link leads to 404 error page
  83. How to get redirection to not redirect to 404 page?
  84. Error 404 on wp-includes directory
  85. Local copy of site returns 404 for all content outside of core .php templates
  86. Install wordpress as a development site in a subdirectory on live server
  87. Add custom content to nonexistent page
  88. WordPress shows 404 on pages 11 and above?
  89. Using calendar and page does not show calendar for next or previous year
  90. Why after a form post back, I get 404?
  91. HTTP status 404 (error) when trying to log in
  92. Page/2 posts don’t load and give 404
  93. except home page , all the links throwing an error “404 Pages Cannot be found” [closed]
  94. Moved site to 1&1 hosting, but is broken and redirecting to GoDaddy 404 [closed]
  95. WordPress Site says Front Page is 404 When Not Login
  96. Can you redirect a 404 to a WordPress page and still show response code 404?
  97. Getting 404 when static files have “?ver=x.y” suffix
  98. Getting 404 error while file exists
  99. How to include a php file in 404.php file?
  100. How to navigate to a non-wordpress page in a wordpress install without getting a 404 error?