Increased CPU load due to admin-ajax.php spam

No there isn’t a way, any more than there is a way to block “spammers” from accessing you home page. I mean you could put all kind of checks, but in the end you will break how sites are supposed to behave which will mean that someone somewhere will not get his content. If all you have is a blog maybe you just do not care as long as your friends and family can read it, but if you actually generate money with your site you might care more.

Instead of looking at logs you should ask yourself how come a request that should do nothing except for bootstraping wordpress is bringing down your site. If you run php 7+ and object cache the cpu cost of handling a “spammy” request should be close to zero. So either you should upgrade your server side to better gandle traffic, or you have a targeted attack against a specific plugin which tries to exploit its ajax handler, in which case identifying the target of the attack should be top priority. While an attack is unlikely, it still might make sense to change your log to show the payload of the request.

Related Posts:

  1. Access-Control-Allow-Origin error sending a jQuery Post to Google API’s
  2. Show spinner GIF during an $http request in AngularJS?
  3. ASP.NET MVC controller actions that return JSON or partial html
  4. How to check if I am in admin-ajax.php?
  5. gettext does not translate when called in ajax
  6. Execute one AJAX request after another AJAX request finished
  7. Ajax and autocomplete
  8. admin-ajax.php vs Custom Page Template for Ajax Requests
  9. Load tinyMCE / wp_editor() via AJAX [duplicate]
  10. Saving (Updating) Post / Page Edits With AJAX
  11. Is there a hook that fires before an ajax call?
  12. AJAX request from Chrome Extension to WordPress Website
  13. Minimal WordPress load for only `get_option` to work (because ajax…)
  14. Why is admin ajax reloading my page
  15. Plupload in metabox – AJAX action not working in Class
  16. Admin Ajax always return 0 on form submit
  17. Why this plugin doesn’t work with media upload page?
  18. Confused on AJAX submit form through page template
  19. Ajax call in wordpress not working for subscriber user in front site
  20. add_action(‘wp_ajax_[action name]’, myfunction) problem
  21. Solve cors problem using rest api or ajax
  22. Extending wp JavaScript base class to make a post request to a custom REST endpoint
  23. Why does WordPress Heartbeat login not refresh the nonces?
  24. wp_localize_script escaping my url – fix or alternative
  25. Insert wp_editor on front-end with AJAX?
  26. Buddypress: Load Ajax Without Template Pack [closed]
  27. Woocommerce Ajax Add cart not working
  28. I have to post data by AJAX in wordpress to another Website
  29. Placement of add_action() for ajax callback?
  30. WordPress ajax problem need wordpress expert?
  31. Identical wp_rest nonce returned from rest_api
  32. wp_ajax function did not call
  33. Can’t get result from sql using ajax result
  34. Theme Customizer – Conditional Controls
  35. Edit a different page in WP Customizer
  36. Get the_content with ajax
  37. Caching-Plugins and Ajax-Page-Parts
  38. Ajax loading duplicate post
  39. WordPress AJAX – how to return true or false in the callback function
  40. Admin ajax error 400 when passing select value to populate another select
  41. How do I detect in which page ajax_query_attachments_args is loaded?
  42. Pass additional parameter with async upload
  43. AJAX request randomly stop working and returns error 400
  44. Sending variable from ajax on form submit
  45. Ajax store response json in variables
  46. How can I set cookies on both secure and non-secure origins at the same time?
  47. Variable Products Being Added to Cart with AJAX on Shop and Category Pages
  48. Audio TAG Not using MediaElement When Page is loaded through ajax
  49. Is it secure to use admin-ajax.php in front?
  50. Ajax calls from the theme directory
  51. How to pass parameters from jQuery ajax into PHP function?
  52. ajax is returning 0
  53. How to add ajax url to js using wp_add_inline_script()?
  54. merge wp rest api query to get posts per category does not work
  55. WP AJAX post filter > do something with empty value
  56. How to make a fetch() POST request to wordpress rest api?
  57. Load more posts in the same category – Ajax + Timber
  58. How to jQuery Ajax show new data from successful insert?
  59. Redirect after saving form; and yet use wp_die()
  60. ajaxt returning object object [closed]
  61. Load more posts (Ajax) in tabbed sidebar on single.php
  62. Something strange with ajax
  63. Why is the file not uploading to the server?
  64. Get localize of a loaded javascript
  65. is there’s a way to get the next page content generated by page break block with ajax call?
  66. REST public POST giving 403 forbidden nginx
  67. Query data after an Ajax insert
  68. How to get next and previous post into ajax formed modal windows?
  69. Passing value from select form with Ajax not working
  70. Sending email through Ajax without page refresh hangs on admin_ajax.php
  71. Is there a public ajax endpoint?
  72. Why Ajax Doesn’t Work?
  73. How can i do public ajax call?
  74. How to prevent multiple post with same meta value being created simultaneously in WordPress (with ajax)
  75. Content including hooks inside wp-settings.php are being called twice in WordPress
  76. Problem when sending file via ajax
  77. wp_verify_nonce not working on the mobile device
  78. Frontend AJAX Media Upload returning 404
  79. Can’t GET Variable from AJAX URL
  80. 404 error custom post type rest api
  81. How to update cart total after AJAX success
  82. Change button text after ajax db update
  83. How to implement AJAX within a class storing shortcode atts as class variables
  84. How do I display posts of a specific day?
  85. (Frontend AJAX) get post data WITH image thumbnail?
  86. Native WordPress Video Shortcode Not Working After Post is Loaded via Ajax
  87. Ajax Function call is always returning 0 in front end(without plugin) [closed]
  88. AJAX Post from same domain to a wordpress page
  89. Ajax live search, “No products found” when the title contains apostrophes and quotations
  90. Add Ajax loaded posts to existing posts
  91. Speeding up admin-ajax.php
  92. admin ajax is not working for non logged in users
  93. Change search to outpout category name instead of Post type name
  94. ‘Dehighlighting’ navigation once clicked
  95. wp_localize_script not create variable in head section
  96. AJAX admin Internal 500 error Failed to Upload
  97. Class property not visible inside ajax callback function?
  98. Front-end ajax problem all users and guests getting a 302 redirect when accessing wp-admin/admin-ajax.php
  99. Use Ajax to get an Options Settings Value
  100. Run PHPMailer function after ajax function completes that adds row to custom table