
Over the past week, our security monitoring detected hundreds of attempts to access our website. The number sounds alarming, but the reality is far more reassuring—and this article will explain why.
There was no actual attack. All 616 external security events logged between July 7-15 turned out to be automated bot noise—scanners that mass-check thousands of websites for known WordPress vulnerabilities. Our site isn't built on WordPress, so the paths they were looking for never existed, and each attempt ended with a block or 404 error.
Note on the timeframe: the data covers 8 days, not a month—our security logging was implemented on July 7, so older records simply don't exist.
The Numbers
MetricValueTotal events624External (actual traffic)616Local tests (our own checks)8Unique external IP addresses351Blocked616 / 616 (100%)Successful attacks0Permanently blocked IPs95IPs exceeding the 3-attempt threshold66

Related services
Ready to start your project?
Tell us about your idea — we'll email you a proposed time for a video call to discuss the details and prepare a quote.
