How our new anti-bot AI prevents millions of brute-force attacks

For the last few days we have been gradually launching a new AI-based bot prevention system on our servers developed by our own DevOps specialists. We are already seeing amazing results from the operation of the system. Each hour it blocks between 500 000 and 2 million brute-force attempts across all our servers. Thus, we have prevented an unknown number of potential unauthorized logins, but what is even more important -- we have managed to save an enormous amount of server resources that can now be used for a meaningful and legitimate activity by our users.

Why are bots a problem?

Malicious traffic is an enormous problem that probably affects every single website that is online. This traffic is usually created by bots trying to gain access to your site by brute-forcing its login. The bots perform multiple login attempts using different combinations of usernames and passwords. Actually, if you have a strong password, the chance of a successful bot login is minimal. However, this activity is still a serious problem. In their login attempts the bots use huge amount of server resources. For a personal blog, for example, it can exceed multiple times the legitimate traffic created by the real human visitors. Even if bot activity is not in big volumes resulting in denial of service, it can still make your hosting more costly by causing you to go over your account resources. The reason for that is that the account has to handle not only your legitimate visitors traffic, but unwanted bot traffic as well.

How does our system work?

Artificial Intelligence analyzes data from multiple servers

The main difficulty with fighting the bot activity is that bots are very clever and elusive. Bot attacks use different IPs and user agents, and often the data from attempts aimed at a single site login, or even a single server, is not good enough to determine a brute-forcing bot. We have had brute-force prevention system on each of our servers for a long time, but the new AI is much more efficient as it is able to collect and analyze simultaneously the data from all our servers. Based on the results of the analysis it can also automatically apply actions to stop unwanted bots. There are numerous indicators that our AI monitors in order to detect malicious behaviour patterns and block bad traffic. Some of them are:

  • Failed login attempts in the majority of popular web applications - WordPress, Drupal, Joomla, Magento, etc.
  • Number of simultaneous connections to different URLs
  • Different request types and known DDoS vulnerabilities in applications
  • Dynamic list of bad user agents that’s constantly being updated

We have introduced challenge captcha page

Once our system flags a certain IP address or user agent as malicious, it’s been immediately blocked and challenged with a Captcha page. The system is learning continuously how to minimize false positives. If a human visitor reaches the captcha page and solves it, the address/agent related with this solution is whitelisted. In case the captcha page persists (e.g. you see it more than once for 24 hours), please contact our support.

WordPress Initiatives Manager

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!


  1. Reply May 4, 2017 / 08:26 David JacksonSiteGround Team

    Hi, this is great and one of the reasons I'm glad I use SiteGround!

    Can I just ask, Is the new anti-bot AI now in use on your Cloud VPS servers? I have had brute-force attempt problems on one of my joomla site in the past and it would be great if this prevented it.


    • Reply May 4, 2017 / 08:29 Hristo PandjarovSiteGround Team

      We don't monitor only WordPress but Joomla, Drupal, Magento and more failed login attempts so you should see a fall in the brute-force attempts towards your website.

      • May 4, 2017 / 10:02 Andy ConnellSiteGround Team

        The question was wether the AI Bot is running in your Cloud VPS too or just shared servers?
        I'd be interested to know the answer to that too.

      • May 4, 2017 / 10:05 Hristo PandjarovSiteGround Team

        Yes, all our customers are protected including those on Cloud accounts 🙂

    • Reply May 13, 2017 / 05:57 Todd ChaneySiteGround Team

      Security plugins such as iThemes security do some some blocking in this area also and your customer service team has been recommending a lots of htaccess blocks specifically the 6G parameters. Are you recommending that some of these can be relaxed now since this makes for an very full and maybe overly redundant HTA access file?

      Keep up the Good work SiteGround!

      • May 15, 2017 / 04:46 Angelina MichevaSiteGround Team

        Hi Todd,

        You can relax the rules and make changes to them if yоu see fit. Yet, please be advised that if something is already implemented in your website and works well, you don’t have to remove it. The iThemes and 6G firewall rules should not create issues with the AI’s functionality.

    • Reply May 20, 2017 / 15:17 PatrickSiteGround Team

      Hi Hristo,

      My question regards SSL and AW Stats. I'm hoping you can point me to documentation and if not, that someone on your team will write an article on it.

      My concern is that when a WordPress site is SSL (https://), AW Stats still tracks http://. As a consequence, there are two reports: one http:// and one https://

      In addition, AW Stats shows many hits for http://, and the two reports don't match. This is very concerning and makes it impossible to know for sure which numbers are accurate.

      To be clear, even if the main WordPress URLs are https://, and even if I activate 'HTTPS Enforce' in Let's Encrypt SSL, AW stats shows two robust reports that don't match.

      So how can I get a single, accurate report for SSL sites?

      And where can I find documentation as to the solution?

      Thank you very much.


      • May 22, 2017 / 00:37 Hristo PandjarovSiteGround Team

        I am afrad that this is the way AW Stats work and we can't really change it much. When you force HTTPS you still get hits on the HTTP versions but they are redirected to the encrypted URL. Basically, if you've forwarded everything to HTTPS, you should ignore the non-encrypted info in AW Stats since that's redirects only and look only into the SSL stats.

  2. Reply May 4, 2017 / 08:36 David JacksonSiteGround Team

    ...thanks Hristo.

  3. Reply May 4, 2017 / 10:49 bobSiteGround Team

    Hi it's a good idea, just wonder if you guys thought of creating a whitelist in cpanel. Sometimes I have problems with your servers when I ftp many files to the server. Just wondered if there is a feature that could whitelist my IP when doing website developer work etc. and using a ftp client.

    • Reply May 4, 2017 / 11:54 Hristo PandjarovSiteGround Team

      Thanks for the suggestion! We will have in mind when we consider the upcoming features we plan to add 🙂

  4. Reply May 4, 2017 / 13:30 ChrisSiteGround Team


    Does this mean I no longer need to use a brute-force-protection plugin for my WordPress site?

    • Reply May 4, 2017 / 23:50 Hristo PandjarovSiteGround Team

      If you have something implemented, you should keep it but our extra layer of protection should be filtering most of that traffic before it even reaches it 🙂

      • May 8, 2017 / 18:09 ChrisSiteGround Team

        Excellent. Thank you!

  5. Reply May 4, 2017 / 15:00 colinSiteGround Team

    Good job, guys. Keep up the fine work, I appreciate it 😀

  6. Reply May 4, 2017 / 20:13 CraigSiteGround Team

    This is terrific news! I have a couple sites that have 1,000's of posts and these bots are terrible. I've been using WordFence to try and throttle them, but blocking them at the outer layers before it hits my site is great!


  7. Reply May 5, 2017 / 07:29 RishiSiteGround Team

    Wonderful job, SiteGround team! One of the many reasons I will continue to be a customer. 🙂

  8. Reply May 5, 2017 / 07:54 Alan L. JanteSiteGround Team

    I am moving my web sites from GoDaddy to SiteGround for this very reason. SiteGround takes web security seriously. Keep up the great work.

  9. Reply May 5, 2017 / 09:54 Brian ProwsSiteGround Team

    How does the SiteGround challenge page work in conjunction with CloudFlare's?

    • Reply May 9, 2017 / 00:05 Hristo PandjarovSiteGround Team

      If you have CloudFlare enabled, its page will show before ours if triggered.

  10. Reply May 5, 2017 / 15:21 SzabeszSiteGround Team

    Recently I was blocked from my site (cPanel/GoGeek) and I had to ask SiteGround Support to whitelist my IP. I do not know if it happened before the AI system had been turned on or after that, but it was really annoying and it took me a while to realize that I had been blocked.

    It was definitely a false positive and writing support tickets is a lot of time wasted, so it would be great to be able to manage the blockings so that we can see who is turned down. After all false positives will always happen and this currently do not know what is going on behind the scenes.

    • Reply May 7, 2017 / 00:31 Hristo PandjarovSiteGround Team

      The system will not block you directly but will show you a challenging CAPTCHA page so even in false-positive case you will know exactly what happened and will be able to solve it immediatelly. However, now after hundreds of millions of hits blocked, we have only a couple of false-positive cases, so you really shouldn't worry about being blocked out of your site.

  11. Reply May 5, 2017 / 17:03 RerevisionistSiteGround Team

    I noticed a rise in 444 errors, in the last week or two, and inferred you were implementing some sort of filtering system. Looks good to me.

  12. Reply May 6, 2017 / 00:49 Jens KirkSiteGround Team

    Very good news 🙂

    Our clients are using CloudFlare Plus which has their own DNS / site firewall. Will these clients still benefit from the new server firewall? Having 2 firewall?

    Will your firewall be the first firewall and the firewall at CloudFlare will be the second one?

    • Reply May 9, 2017 / 00:06 Hristo PandjarovSiteGround Team

      The CloudFlare firewall would be the first line of defence. Our rules will kick in once the request reaches the server so yes, your customers will benefit from having two defence mechanisms working together.

  13. Reply May 9, 2017 / 12:06 CraigSiteGround Team

    I love what you guys do. Much MUCH better and caring than the host I used to use. Worth the extra price!

  14. Reply May 10, 2017 / 07:50 EndaSiteGround Team

    This sounds great. Thanks!

  15. Reply May 10, 2017 / 09:31 HelenSiteGround Team

    This is fantastic news! Thank you for doing this.

  16. Reply May 10, 2017 / 09:32 Ian MacdonaldSiteGround Team

    Sounds like an excellent idea.

    You can also change the admin URL on most CMS, and it should be a security must-do.

    From my understanding, most 'bots try to determine what CMS is in-use from clues on the frontpage, then go to the default admin page and start bruteforcing the login form they expect to find there. The custom admin URL puts a dead stop to that, with the robot landing on the 404 page instead. (Or if you like you can put-up a dummy admin page which leads the robot to waste hours for nothing.. 😉

    Our file-based Mara CMS allows you to append a custom parameter to any page URL, which puts you into admin mode and loads the login interface. Works similarly to a custom admin URL, advantage is you can do this on any site page.

    • Reply May 11, 2017 / 21:31 Mark LawSiteGround Team

      I use "WPS Hide Login URL" for all my clients WordPress sites. Each client then has a unique login URL instead of the default /wp-login.php

      It also prevents /wp-admin/ from redirecting to the login URL.

      I assume like you that a brute force attack can't begin until it knows the URL to submit the login to, but I could be wrong...

  17. Reply May 10, 2017 / 09:43 SteveSiteGround Team

    This is great news! I have been struggling with going over account executions limits for months due to bots just hitting the home page thousands of times a day. Implementing some aggressive solutions killed my Moodle implementation, so I have been manually excluding bots in robots.txt (which only some follow) and recently with a .htaccess script to specifically block named bots. I am really happy to be a SiteGround customer today!

  18. Reply May 10, 2017 / 10:24 joanne pinatelSiteGround Team

    I was wondering what was going on. I have quite a few Joomla sites with Brute Force Stop installed and I usually get literally hundreds of failed login attempts each week. In the last few days, I've noticed a marked drop in attacks. I thought the bots were getting lazy!

    Great work guys! Siteground is the best host out there!

    • Reply May 10, 2017 / 21:49 Nancy HildebrandtSiteGround Team

      I also noticed a sudden decrease in blocked attacks in reports from the security plugins installed on my sites and couldn't figure out if all the attackers were all on holiday or what. This is great news!

  19. Reply May 10, 2017 / 10:30 Ivica DelicSiteGround Team

    One of the above visitors wrote:
    "SiteGround takes web security seriously. Keep up the great work."

    I couldn't agree more, but not only the security - speed as well, support, etc.
    In short: SG take care of the whole hosting package to be on the highest level... and they constantly improve what is needed. 🙂

    Bravo Hristo & The Team!

    • Reply May 10, 2017 / 10:56 Hristo PandjarovSiteGround Team

      Thanks Ivica, really appreciate the kind words!

  20. Reply May 10, 2017 / 10:31 Mike WilliquetteSiteGround Team

    Thank you very much! I appreciate SiteGround's work to add benefits to our accounts that really are a help to us!!

  21. Reply May 10, 2017 / 10:37 Rich…SiteGround Team

    A little too late, you have been sending me resource overage messages for months now and has been the reason I terminated one of my accounts with you. It was out of my control all along and yet you keep taking down my site for these resource overages. Good thing this was a site that saw little or no traffic and didn't really effect the actual sites operation. Glad you did something proactive and might be a good thing for the other sites I maintain with you but it was a little too late to keep me from abandoning your service for one site. Maybe I'll reconsider pulling all the sites I have with you.

    • Reply May 10, 2017 / 11:00 Hristo PandjarovSiteGround Team

      That's one of the main reasons we spend a lot of development effort to create this system. It took us months do build it but the results are amazing. I am sure that you won't regret keeping your site with us!

  22. Reply May 10, 2017 / 10:54 RonSiteGround Team

    Does this mean I don't need to include the bot-blocking code in htaccess?

    • Reply May 10, 2017 / 12:23 Hristo PandjarovSiteGround Team

      I would say you can stop using that, you should be protected by our system much better.

    • Reply May 13, 2017 / 23:14 Kelvin Chege W.SiteGround Team

      What's that code friend?
      I could use some of that protection too 🙂

  23. Reply May 10, 2017 / 11:30 MohikaaniSiteGround Team

    Great news, thanks!

  24. Reply May 10, 2017 / 11:55 Kimball RexfordSiteGround Team

    "Web Hosting Services Crafted with Care?" Check!
    So glad I switched.

  25. Reply May 10, 2017 / 13:20 GregSiteGround Team

    Do we have to do anything to enable this on our cloud or it's for all customers by default?

    • Reply May 11, 2017 / 00:21 Hristo PandjarovSiteGround Team

      No, it works out of the box protecting all our customers 🙂

  26. Reply May 10, 2017 / 13:32 Seyfu TasewSiteGround Team

    Thank you very much! I appreciate SiteGround's .

  27. Reply May 10, 2017 / 13:32 Seyfu TasewSiteGround Team

    Thank you very much! I appreciate SiteGround's

  28. Reply May 10, 2017 / 16:56 eve lurieSiteGround Team

    Would this reject bots trying to use the Constant Contact Newsletter signup form on a client's site? I have not been able to get a captcha that works with this Constant Contact form.

    • Reply May 11, 2017 / 00:31 Hristo PandjarovSiteGround Team

      So far we do not monitor for bots trying to exploit plugins/extensions but that's on the roadmap for future improvements.

    • Reply May 13, 2017 / 23:17 Kelvin Chege W.SiteGround Team

      Google recaptcha by Bestsoft i think could help with that, and you can use catchall version too. Check it out at WordPress

  29. Reply May 10, 2017 / 17:02 NyssaSiteGround Team

    What with Cloudflare, then Siteground, then Wordfence, then my own codes in the .htaccess file, bots don't stand a chance! 😀

    • Reply May 11, 2017 / 00:22 Hristo PandjarovSiteGround Team

      I would remove anti-bot measures from .htaccess because they are ineffective but the file content is loaded on each hit 🙂

      • May 11, 2017 / 06:57 Kenny MooreSiteGround Team

        I am using the SiteGround version of Jeff Starr's 6G Firewall in htaccess. Are you recommending removing the 6G Firewall, or just a piece of it (if so, which piece?), or is 6G separate from bot blocking and I should leave it in place?

      • May 11, 2017 / 07:16 Hristo PandjarovSiteGround Team

        As far as I can see that firewall tries to match common hack attempts. That's already being handled by our WAF. It's up to you weather to leave it or not but I think most of the rules are already in place on a server leve.

      • May 11, 2017 / 21:01 Kenny MooreSiteGround Team

        Thank you Hristo. Your quick response and thoughtful advice are much appreciated. I ran some speed tests with and without 6G, did not detect a difference, so I will leave it in place for now.

      • May 11, 2017 / 23:31 Hristo PandjarovSiteGround Team

        If the effect on performance is minimal/none, keeping it is a good idea, another layer of security doesn't hurt.

  30. Reply May 10, 2017 / 17:06 LynSiteGround Team

    Just another reason this is the best hosting company I have ever used! Excellent service!

  31. Reply May 10, 2017 / 17:38 Howard KelleySiteGround Team

    I have already seen and felt the positive results of your anti-bot is a noticeable difference. Through your efforts such as this that I am always comfortable in recommending SiteGround and pleased to renew my annual accounts. You have become a standard by which ALL other hosting system should be measured.

  32. Reply May 10, 2017 / 18:02 David HubbardSiteGround Team

    Good stuff!

  33. Reply May 10, 2017 / 18:27 PDISiteGround Team

    I'm really glad that we switched to SiteGround.

    Best support!!!

    Thank you!!!

  34. Reply May 10, 2017 / 19:32 WolfgangSiteGround Team

    I dont wanna ruin the party, but its about time they take responsibility. Me and maybe many others had serious issues in the last months. Even after clarifying the issue several times I got blamed "your site is too successful" by support, though it was clear the traffic was produced by bots. I explained siteground that i see it as THEIR responsibility to keep these bots from "knocking on my door". I explained them that i am not gonna upgrade and pay more for my account for a small website because of issues that i have no control over. Well ... support told me that i can block the bots myself. I would have to sit every day and add thousands of IPs to the blacklist in cPanel. Seriously? Looks like there were more complaints so they added this new feature. Thx for taking responsibility Siteground.

    • Reply May 11, 2017 / 02:34 Hristo PandjarovSiteGround Team

      Hello Wolfgang, you are right that the rise in the cases like yours, where sites receive enormous traffic from bots and reach their resource limits, has triggered the decision to invest in the creation of the new anti-bot system. We want to thank all customers like you, who have been among the first affected from this growing issue for the patience and for helping us become better in dealing with it.

  35. Reply May 10, 2017 / 19:51 Oran KangasSiteGround Team

    This seems to be a great idea. The only potential downside is load speed. So will this new system slow Google's view of load time?

    • Reply May 11, 2017 / 00:22 Hristo PandjarovSiteGround Team

      No, it will not affect your loading speeds in any way. The Google Bot will never be challenged with a captcha page by our system 🙂

  36. Reply May 10, 2017 / 20:13 RidestokeSiteGround Team

    Regarding this captcha page and false positives. That is one of the reasons you have to be mindful of your security level with cloudflare. Too high and you can generate false captchas which is annoying for the user going to your site. How is this solution different?

    Do we have the option to turn that off since we are already using another solution to prevent brute force attacks?

    • Reply May 11, 2017 / 00:29 Hristo PandjarovSiteGround Team

      There isn't an option to turn this off. The system works globally and protects all our servers and customers. So far, after hundreds of millions of blocked hits we have just 2-3 cases (all very particular in nature) reporting false positives. So you really shouldn't worry about that. Our system is way more precise and configured to work as safe as possible so no human being should ever see the captcha.

  37. Reply May 10, 2017 / 22:00 ArneSiteGround Team

    If you want I can give you a list of thousands of ip addresses that my Akeeba install has blocked and blacklisted for both brute force and uploadsheild attacks over the last year.

    Literally thousands - most from Russia

    • Reply May 11, 2017 / 00:27 Hristo PandjarovSiteGround Team

      The great thing about our system is that it updates its blocking database dynamically. Bots change IPs, user-agents, behaviour pattern and simply blocking huge list of IPs doesn't do the trick. However, you should see a decrease in the number of IPs and intrusions blocked by Akeeba as many users already report because they don't even reach it 🙂

  38. Reply May 11, 2017 / 00:39 BrianSiteGround Team

    Your introduction of an AI based anti-bot system to protect against login attacks to the CMS sounds excellent. Thank you for investing in this upgrade.

    Regarding another route into user accounts - the CPanel login page. As this page is so easy to access by anyone are there any plans to protect this page better, for example two factor authentication? It would seem sensible to protect all login routes in a similar fashion to those for the CMS itself.

    • Reply May 11, 2017 / 00:48 Hristo PandjarovSiteGround Team

      Thanks for the suggestion, that's something we've been thinking about too!

      • May 11, 2017 / 01:18 BrianSiteGround Team

        If Siteground could work out a way(s) of doing this on the CPanel login page that would be a huge improvement. I am sure there must be many unauthorised attempts to access user accounts via this route but, certainly on shared servers, owners are probably going to be unaware of these.

      • May 11, 2017 / 01:58 Hristo PandjarovSiteGround Team

        Thanks for reporting that!

  39. Reply May 11, 2017 / 00:40 John SpyrakosSiteGround Team

    Great news !!! Last months I experienced twice, brute force attacks and it seems that your AI antibot approach is the best approach to defend.

    Keep up the good work.

  40. Reply May 11, 2017 / 01:20 NishantSiteGround Team

    Great feature! I have currently password protected the wp-admin folder on my WordPress install. Would it be advisable to keep it password protected or remove that protection?

    • Reply May 11, 2017 / 01:57 Hristo PandjarovSiteGround Team

      Keep it password protected! Although we would stop the majority of bots, other attacks may still be possible and password protecting your admin login URL is a great security measure!

      • May 11, 2017 / 02:26 NishantSiteGround Team

        Thanks for the reply Hristo! Is it possible to only password protect the admin login URL (wp-login) instead of the entire directory(wp-admin)?

      • May 11, 2017 / 02:35 Hristo PandjarovSiteGround Team

        Yes, take a look at this article:

  41. Reply May 11, 2017 / 01:37 Fabio SchenoneSiteGround Team

    Super !!
    There is a page or something that keep track of the action on a cPanel level ? some kind of report like Akismet ?

    • Reply May 11, 2017 / 01:57 Hristo PandjarovSiteGround Team

      Not yet but we're thinking of a page that shows the number of blocked hits.

  42. Reply May 11, 2017 / 02:14 Kristof GheyssensSiteGround Team

    Our VPS at SiteGround does not come cheap, but with excellent support and now this AI anti-bot protection. It is worth every euro!

  43. Reply May 11, 2017 / 03:12 GomyitguySiteGround Team

    Coincident I found your blog...relay it's informative...Thanks, #Hristo

  44. Reply May 11, 2017 / 03:38 LoriSiteGround Team

    This is awesome! I am so happy to have you on my team at keeping my site up and running.

  45. Reply May 11, 2017 / 03:54 stevenSiteGround Team

    Way to go SiteGround! Keep up the great work!

  46. Reply May 11, 2017 / 04:30 Frank KSiteGround Team

    Fantastic service!

    However, I generally don't use WordPress nor Joomla, which are too bloated for my taste.

    Does this protection include regular Brute Force login attempts through htpasswd and htaccess too?

    • Reply May 11, 2017 / 05:20 Hristo PandjarovSiteGround Team

      Not at this time but we constantly add new mechanisms and criteria to catch malicious behaviour so thanks for the suggestion!

      • May 11, 2017 / 06:19 Frank KSiteGround Team

        Thank you for your answer Hristo!

  47. Reply May 11, 2017 / 06:45 ReginSiteGround Team

    Thanks! Hope this feature does a great job. I have been seeing hundreds of login attempts on my website by bots:
    - each attempt Happens every 2 - 5 seconds
    - tries so many different types of username combinations
    - Have been tracking a lot of the IPs to Ukraine and similar areas.

    I haven't seen any attacks within the last week, hope the new AI is able to fend every one of those bots!


  48. Reply May 11, 2017 / 07:14 Robin KieferSiteGround Team

    We received a lot of spam posts on our wordpress blog - will these measures help reduce these?

    • Reply May 11, 2017 / 23:32 Hristo PandjarovSiteGround Team

      So far we monitor mostly login attempts and not spam comment submissions. However, that's something we've been thinking about. Unfortunatelly, without a plugin on every site like Akismet for example, it would be difficult to detect and get the information about spam comments.

  49. Reply May 11, 2017 / 07:27 PavelSiteGround Team

    Hi Hristo, does the captcha page require understanding English? Can you show it?

    • Reply May 11, 2017 / 23:36 Hristo PandjarovSiteGround Team

      Well, it is in English but people nowadays are so used to captchas that even if someone doesn't know the language, I think they will be fine. However, we wanted to make sure it's accessible for visually-impaired people.

  50. Reply May 11, 2017 / 07:38 arfan ahmadSiteGround Team

    Already i have activated login security from jetpack by wordpress plugin who prevents from malicious login attempts and stops bruteforce attacks. So far so jetpack has blocked roundabout 6000 malicious logins from my wordpress site.
    Now! can i uninstall that plugin?

    • Reply May 11, 2017 / 23:39 Hristo PandjarovSiteGround Team

      I would recommend that you monitor the number of attacks blocked by JetPack. If that's the only feature (it's a meta plugin) you're using it for and you notice it doesn't block IPs anymore, you can consider disabling it.

  51. Reply May 11, 2017 / 08:34 SheilaSiteGround Team

    Hristo, off-topic but how do you pronounce your name?

  52. Reply May 11, 2017 / 08:41 AbiSiteGround Team

    This works a treat. I worked on a site recent on godaddy and they had constant persistent attacks many targeting the correct username presumably scraped from author info. Compare this to a site I've just moved to your hosting and they have had hardly any. Keep up the good work!

  53. Reply May 11, 2017 / 08:52 Larry LevensonSiteGround Team

    Love it! thanks for the update about this.

    After suffering through resource overage messages for 2 months, your techs and I finally wrestled my WPMU sites under control -- but that whole process was SO annoying and stressful! Sound likes this new AI system will really help protect against future attacks.

    Thank you!!

  54. Reply May 11, 2017 / 08:53 Mark BarnesSiteGround Team

    Does this feature change the address of visitors (perhaps to the IP address of a proxy?). I had wp-login.php blocked for all but one IP address, but now that IP address is getting blocked. I've had to remove the rule to log in.

    • Reply May 11, 2017 / 23:42 Hristo PandjarovSiteGround Team

      No, it doesn't interfere with request IPs, that's probably your ISP changing IPs.

  55. Reply May 11, 2017 / 09:04 Vic HardySiteGround Team

    Wow, great job guys. This is very good news. I've just opened a SG account and am in the process of moving my 35+ sites from Bluehost to SG, mostly because of load times. My SG shared account is faster than my BH VPS. I don't generally add the protection plugins like Sucuri or Wordfence because I'm a plugin minimalist and never felt I needed them, but I do have Sucuri on one site and it gets hammered every day so I assume they all do.

    So anything you can do to stop these cretins at the outer level is appreciated. Well done.

  56. Reply May 11, 2017 / 09:52 Riley WrightSiteGround Team

    Very proactive of you! Thanks!

  57. Reply May 11, 2017 / 10:21 ChandimaSiteGround Team

    Thank you very much. I'm really appreciate you. I had nice WordPress site but 6 months a go it was compromised on Hostgator server. At that time I had a little idea that siteground can do something better solution for CMS. Now I'm happy about my change from Hostgator to Siteground. Hope you can do much more and thank you once again.

  58. Reply May 11, 2017 / 11:39 MassimoSiteGround Team

    When did the new service start?
    I just noticed on the logs a large attack on one of my Drupal sites on May 5th - almost 600 requests in a few minutes, IP from China

    • Reply May 11, 2017 / 23:52 Hristo PandjarovSiteGround Team

      At the beginning of the month. Note, however, that we may not detect all bot traffic so more targeted attack could have slipped through. However, we are constantly improving the product and add more and more rules and patterns to detect bad bots so hopefully, the next attack would be filtered.

  59. Reply May 11, 2017 / 11:50 Jann martinSiteGround Team

    Is there an additional charge for this?

    • Reply May 11, 2017 / 23:45 Hristo PandjarovSiteGround Team

      No, it's free and already working on all our servers 🙂

  60. Reply May 11, 2017 / 13:36 Peter La FondSiteGround Team

    The only thing better than BBQ is.... WordPress on SiteGround!

  61. Reply May 11, 2017 / 15:17 Josè ScafarelliSiteGround Team

    Sorry i don't understand... this new security upgrade is alrady running on all our WP sites or do we have to do something to implement it?

    • Reply May 11, 2017 / 23:53 Hristo PandjarovSiteGround Team

      It's already working and no action is required from you 🙂

      • May 16, 2017 / 10:22 Josè ScafarelliSiteGround Team

        THAT's AWESOME!!!!!

  62. Reply May 11, 2017 / 16:02 Corl DeLunaSiteGround Team

    Hi Hristo,

    For WordPress I use the Wordfence security plugin. Each month they report the top attacking IP addresses they come encounter, for example You'll see links to their other reports as well there. I started collecting and adding them to the end of the .htaccess file each month like:
    Deny from
    Deny from
    Deny from

    I was going to ask support if there was a Find and Replace tool I could use in the cPanel to make this faster. But, then I noticed you saying to other readers that this might be mostly covered by the SiteGround WAF. Is this true? And I won't have to collect and add them to the .htaccess files anymore?

    Does the WAF protect static websites as well?

    P.S. As for cPanel security and anything I can use it with, I use to generate near un-hackable passwords. Test them here I can't comprehend what 61 quattuortrigintillion years means, but I figure it'll cover me for more than a couple of years.

    I wish the MySQL Database Wizard accepted more password characters than it does. Please add this to your road map as well.

    Best Regards,
    Corl DeLuna

    • Reply May 12, 2017 / 00:00 Hristo PandjarovSiteGround Team

      Well, we don't just throw IPs in a block list but detect and block them dynanimcally for different period of time on all our networks. If those IPs have hit our servers, most probably they have been blocked. Once we detect bad bot behaviour, we block it per server basis. This means that although we rely on number of web apps to detect failed login attempts, once detected, bots are blocked for everyone.

      • May 12, 2017 / 12:37 Corl DeLunaSiteGround Team

        So, the .htaccess script at is now no longer needed?

        While i'd still use the Wordfence plugin, now I don't need to add Wordfence's top attacking IP's like described above?

        And SG's new WAF will protect all sites both static or dynamic just as well or even better than if I continued with the two .htaccess steps above?

      • May 15, 2017 / 07:12 Angelina MichevaSiteGround Team

        Hi Corl,
        The 6G Firewall and the Wordfence’s top attacking IP’s are good mechanisms for blocking unwanted traffic on your website. You can leave them active as it will not interfere with the AI’s mechanism, and will still add to the security on your website.
        Our AI will collect and analyze the data from all our servers. Meaning, even if your website is hit by bots that the AI has previously detected on a completely different machine, the same bots will not affect your website as they will immediately be challenged based on the data that has been already analysed.

      • September 13, 2017 / 17:27 Liz SchneiderSiteGround Team

        I've moved several sites to Siteground in the past week each time I try to add the Wordfence Optimized Firewall (their WAF), it doesn't do anything. Is there another way to do this or is it not needed because of Siteground WAF?

      • September 14, 2017 / 03:46 Angelina MichevaSiteGround Team

        Hi Liz,

        Great to hear you have chosen our services for your websites. Please note that our anti-bot AI system operates on server level and aims to prevent brute-force login attempts. Its biggest advantage is that it monitors and analyzes simultaneously the data from all our servers. As a result it is able to detect more efficiently different patterns and malicious behaviour used from bad bots and to block automatically such traffic.

        The operation of our Anti-bot AI should not affect the use of WordFence WAF on your account. We checked in our system on your case and it appears WordFence WAF is not configured properly. You can follow this guide:, which includes instructions on how to set it up with SiteGround. If you still experience a problem implementing it, please submit a ticket so our techs can check the issue. In this way they will be able to test things on our end, and make sure we are looking at the correct website where you see the problem.

  63. Reply May 11, 2017 / 16:28 MarxSiteGround Team

    How can I enable the challenge captcha page?

    • Reply May 11, 2017 / 23:45 Hristo PandjarovSiteGround Team

      It's already enabled and working for all our customers 🙂 Hopefully, you will never see the captcha page itself.

      • May 13, 2017 / 18:01 MarxSiteGround Team

        Thanks for the clarification 🙂

  64. Reply May 11, 2017 / 18:44 Doug IsonSiteGround Team

    Sweet what hosting plan is this available on? How do we get it?

    • Reply May 11, 2017 / 23:29 Hristo PandjarovSiteGround Team

      It's available on all hosting plan and already works to protect your site. No further action is needed from our users 🙂

  65. Reply May 12, 2017 / 10:12 Jennifer HoffmanSiteGround Team

    Great products and services, wonderful, available, helpful support -- that is what I have received with Siteground after switching from Hostgator where I experienced heavy site down times and long waits for support, sometimes more than an hour. And Siteground goes the extra miles by using their love of technology and really smart people to create customer solutions that solve big problems, like DNS attacks which I have experienced, without changing their service fees. I love siteground, a big thank you from a grateful user.

  66. Reply May 13, 2017 / 21:55 JohnSiteGround Team

    This is indeed a good news!

    So just a question, which comes first in action: Anti-Bot filter then C.Flare? before it reaches siteground clients?

    • Reply May 15, 2017 / 04:32 Angelina MichevaSiteGround Team

      Hi John,
      CloudFlare offers an excellent Web Application Firewall. Should you choose to activate it, requests sent to websites using the CND through SiteGround will first pass through CloudFlare’s WAF and will be filtered there.
      Our AI will activate as soon as the request reaches our server. This could be beneficial for your website, as it will be protected by two difference systems.

  67. Reply May 14, 2017 / 20:14 Jacquie TreagusSiteGround Team

    This unfortunately is not working for me. I am getting spam user registrations. I installed a security plugin and the spam user registrations stopped but then it locked me out the next time I accessed the admin panel. I got help from SG to unblock me and I removed the plugin but now I am getting the spam user registrations again. This isn't my main site but another site I have added to SG (under the same account) - would this have anything to do with it? Do I need to install a security plugin and if so which one would you recommend?

    • Reply May 16, 2017 / 07:50 Angelina MichevaSiteGround Team

      Hi Jacquie,
      We would like to clarify that the system is focused on brute-force attacks and blocking bad bots targeting logins. At this time it does not monitor spam user registrations. For this reason it will not be effective towards preventing them. We can recommend you enhance the security of your registration page in order to eliminate them.

  68. Reply May 15, 2017 / 10:49 John MurielSiteGround Team

    I've seen a steady decline in amount of emails with failed or blocked bot login attempts... which has been great :).

    What I'm recently seeing is an abnormal surge in the number of daily subscribers to my newsletter. Many have suspicious looking email addresses with anonymous countries.


  69. Reply May 16, 2017 / 09:38 IanSiteGround Team

    Great stuff, will keep an eye on the logs to see if we see the reduction!

    Thanks been looking for server level answer to this problem - you solved it.

  70. Reply May 28, 2017 / 13:26 Jaswinder KaurSiteGround Team

    I use SiteGround and quite happy with all new technology.


  71. Reply June 19, 2017 / 09:29 MosheSiteGround Team

    Is this Anti-Bot still working??

    It seems the last few days the Failed Brute-Force attempts on our Magento download folder started again.


    • Reply June 20, 2017 / 01:01 Hristo PandjarovSiteGround Team

      Yes, it's working, could you open a ticket in your Help Desk with more info about this so we can investigate and update our system if necessary?

  72. Reply August 29, 2017 / 09:38 GregSiteGround Team

    Yeah its soooo good, that I cannot open my websites, also no matter how many times I write down correct captcha it doesn't allow me to go further - tried all possible browser. Changed IP - nothing works 🙁

    • Reply August 29, 2017 / 09:53 Hristo PandjarovSiteGround Team

      Please, post a ticket in your Help Desk, my colleagues will look into it and see what went wrong with your Captcha answers and IP blocking.

  73. Reply September 3, 2017 / 06:41 Eric GSiteGround Team

    Seems to be blocking the Tor browser.
    Entering the Captcha doesn't always work. Failed four times in a row for me.

    • Reply September 5, 2017 / 01:11 Hristo PandjarovSiteGround Team

      With Tor browser, pretty much every request comes from a different IP. It's widely used for malicous traffic and different hacking attacks. Tor exit nodes are not endless and it's normal that most of them are blocked. Please, use a regular browser in order to avoid such issues.

  74. Reply September 28, 2017 / 22:00 Gary SonnenbergSiteGround Team

    Thanks for this. I've encountered it twice recently when trying to access my own sites. It would be nice if, after I've done the captcha, it didn't show me another challenge page but took me to my site instead.

    • Reply September 29, 2017 / 00:26 Hristo PandjarovSiteGround Team

      You must have switched IPs. If you solved the captcha you should not have seen it again that soon.

  75. Reply October 8, 2017 / 03:59 AngelaSiteGround Team

    How can we turn this off for some domains ? Or whitelist IP's from this feature ? The sites we manage were getting hacked quite often ( hacker bots preying on plugin/theme vulnerabilities etc ) and so we now use a cloud based firewall in front of siteground (so providing us with an extra layer of hacker defence) . This gives us the luxury of not having to update themes , plugins , WordPress constantly and yet still stay clean from infections. Of course we update in the end but as we have the firewall covering our backs we can do it in our own time to fit our business schedule. This setup has stopped all the hacking completely and has been working great for months but now since you added this failed login IP tracking all the valid users of the sites are constantly getting catcha pages from siteground ( as the siteground feature is checking the firewall ips instead of the visiors ips). This is of course very annoying to valid users and puts them off ftom using the sites. We were not facing any issues with brute logins before so you can imagine that now with all visitors incorrectly get captchas ftom siteground is really off putting . Can we turn it off or whitelist ips for some domains?

    • Reply October 9, 2017 / 00:32 Hristo PandjarovSiteGround Team

      You can request from our support team to disable it for your account. Please, post a ticket in your Help Desk about this.

  76. Reply October 13, 2017 / 01:45 Andy RenalsSiteGround Team

    Hi Hristo,

    I'm using Gravityscan which is now failing to obtain a connection to my site. When I do a manual scan I'm told that my scan results may be incomplete or inaccurate due to security software (SiteGround Anti-Bot) used by this site. Is there a work around? Andy

    • Reply October 16, 2017 / 00:51 Hristo PandjarovSiteGround Team

      Please, post a ticket in your Help Desk, our support team will help you out with that.

  77. Reply October 14, 2017 / 09:01 KevinSiteGround Team

    How can I whitelist the Gravityscan bot?
    They are telling me that the SiteGround Anti-Bot is blocking requests.

    • Reply October 16, 2017 / 00:49 Hristo PandjarovSiteGround Team

      Please, post a ticket in your Help Desk and our support team will help you out.

  78. Reply October 20, 2017 / 06:10 Andy RenalsSiteGround Team

    The response from the support team is that on a shared server there are two options. Option 1 disable Anti-Bot on my domain and sub domains entrusting things to Gravityscan. Option 2 we have to assume is to rely on Anti-Bot and disable GravityScan since it can't be white-listed.

    • Reply October 23, 2017 / 23:20 Hristo PandjarovSiteGround Team

      We've worked with the Gravity scan team to make it work without our Anti-Bot system to block it. Everything should be working fine now on your end 🙂

  79. Reply December 21, 2017 / 04:43 TamasSiteGround Team

    Great news. Does it mean that I do not need to use Loginizer on every WP installation because your new anti-bot system makes it unnecessary? It would be great 🙂

    • Reply December 21, 2017 / 05:42 Angelina MichevaSiteGround Team

      Hi Tamas,

      The logic behind our system resembles the functionality of the Loginizer plugin. Your sites will be always be protected on our servers via the AI system and it is working on a global level to keep them safe. In case you want to have more control in managing this process for the websites you can use the plugin as well.

      SiteGround Team

  80. Reply January 22, 2018 / 06:25 FrankSiteGround Team

    We have migrated an old forum to a new bbpress/wordpress version hosted on Siteground.
    We have users on our site that is generally very picky about protecting their privacy from eavesdropping from anyone, simply by principle. The number of such individuals are clearly on the rise.

    They use among other solutions, TOR and have never experienced problems with other sites. BUT they have just about given up our site which is very unfortunate as they are among the largest contributors to our forum.

    The problem is that they end up at your anti-bot-ai Captcha - which is fine and completely acceptable - but when they solve the captcha they are not referred back to the site, but are presented with a new captcha endlessly.
    Their ip seems not to be blocked as they gain acces if they manually enter the original URL after solving the captcha!?!?!

    Do you have an explanation for this behaviour?
    It must be possible to redirect correctly by issuing a cookie that the browser can present or similar (I am no security expert) (which would be acceptable for the users in this particular situation as would be part of encrypted information)

    How can we ensure that legitimit TOR users can use our site?
    Just telling them to use an unsafe browser is considered rude - we have tried that .-(

    best regards,

    • Reply January 22, 2018 / 08:11 Hristo PandjarovSiteGround Team

      The Tor browser makes requests constantly switching IP addresses. It is widely used by people who want to do malicious tasks without being detected. Although many, Tor has finite number of IP addresses and due to its regular usage, those addresses get blocked very, very fast.

      The problem comes from the fact that Tor uses a torrent like technology to make requests from a variety of IPs. Usually, if a regular user is presented with a captcha and solves it, they will never see the challenge again. We have very, very little false-positives with that system. However, due to the constant IP change for requests, users keep getting challenged with captcha. We can't risk the security of our customers and allow IPs that have been used for malicious reasons to access our servers. I would recommend that you advice your visitors to use a regular browser when visiting your site.

      • January 22, 2018 / 09:16 FrankSiteGround Team

        thanks for the answer, did not give me any explanation why solving the captcha does not redirect back to the site as it should.

        And it sounds like a contradiction to me - you DO actually let people in from the TOR network - the captcha redirection is just not working.

        as I stated - "Their ip seems not to be blocked as they gain access if they manually enter the original URL after solving the captcha!?!?!" (i.e. removing the "./well-known/captcha...." that is appended and which I assume is your anti-bot-ai)

        So if the user can manually enter the URL after solving the captcha - why cant the captcha page send the user to our site??

      • January 23, 2018 / 00:21 Hristo PandjarovSiteGround Team

        That looks like an application issue, once solved the captcha, the user is redireted to the originating URL. However, if that URL is restricted for logged in users for example, it may redirect to the index. Please, email me at hristo.p at with exact URLs to test with and I will be able to give a more concrete answer.

  81. Reply January 29, 2018 / 10:21 MartinSiteGround Team

    Hi, I've been made aware of this post by Siteground support. I discovered that the security system is blocking my CDN occasionally. So the support is giving me the option of disabling the security which i would prefer not to do. I've been told i can't whitelist my cdn ips.

    I'm new to Siteground and find this to be a puzzling situation. Surely i should be able to use a cdn with Siteground? Why would my cdn (BunnyCDN) be getting blocked? Support told me it could be due to the cdn sending a large number of requests to the server, but that would happen with any cdn.

    Does this mean i have to move hosts now?

    • Reply February 2, 2018 / 05:37 Hristo PandjarovSiteGround Team

      We have ways to whitelist known providers that do lots of requests to our servers. Due to the nature of the CDN service false positive block may occur. I will forward this to our team and contact BunnyCDN to get more info about their networks and see what can be done.

      • February 10, 2018 / 22:13 MartinSiteGround Team

        Hi Hristo, I spoke to BunnyCDN and they told me Siteground has been in touch and will implement a fix so that the cdn won't be blocked.

        Would you be able to check with your team when this fix will take effect? I've currently had to ask support to disable the anti-bot ai system on my account, but would like to re-enable it at the earliest possible opportunity once the fix for BunnyCDN takes effect. Thanks

      • February 12, 2018 / 05:52 Hristo PandjarovSiteGround Team

        Yes, we've figured this out last week, they are using a header that we will monitor. We will not block their IPs, however, will still manage to block offending addresses (the origin ones) if they have malicious behaviour on our servers. So that should be working just fine now.

  82. Reply February 13, 2018 / 08:40 MartinSiteGround Team

    That's great to hear. Just so I understood correctly, it's now safe for me to re-enable the anti bot system as it will no longer block BunnyCDN IPs? Thank you for checking up on this!

    • Reply February 13, 2018 / 08:48 Hristo PandjarovSiteGround Team

      Yes, it should work fine with all BunnyCDN users!

  83. Reply March 7, 2018 / 15:49 SteveSiteGround Team

    I've been blocked from all my sites on my account. How do I clear it. I've already tried clearing my browser cache.

    • Reply March 8, 2018 / 02:22 Hristo PandjarovSiteGround Team

      Our Anti-bot system chalanges requests with captcha it does not block IPs. If you've been blocked, other systems have most probably noticed some malicious requests coming from you. Please, open a ticket in your Help Desk so we can assist you further.

  84. Reply April 16, 2018 / 09:48 EricSiteGround Team

    I can't even log into my own admin because of this "feature". I understand why it was implemented but it is very bothersome to me and my customers. The logic is we shouldn't have enter a captcha in the first place. This should all be done in the background. Your AI needs to be tweaked at the very least. Prompting everyone to enter a captcha and then white-listing IP addresses doesn't sound like good AI to me.

    • Reply April 17, 2018 / 05:25 Hristo PandjarovSiteGround Team

      Not everyone is prompted with a CAPTCHA. If you see it, this means that there's malicious traffic or traffic considered malicious coming from your IP address. Even then, you should see it once. If this happens again, please post a ticket in your Help Desk providing your IP address and our team will look into it further.

  85. Reply May 6, 2018 / 04:26 MartySiteGround Team

    Hi Hristo, I would like to provide some feedback on the AI defence system and hope that you could pass it onto the developers to consider for a future update?

    I noticed in my logs i had 43 requests, over a period of 30 minutes, to /wp-admin/admin-ajax.php

    This is obviously not human activity, and i think the defence system should be able to detect things like this and prevent them.


    • Reply May 9, 2018 / 06:00 Hristo PandjarovSiteGround Team

      That could easily be an opened tab in a browser logged into your backend, also known as the WP Heartbeat. That's not a login attempt, so you shouldn't be worried about it 🙂

  86. Reply August 28, 2018 / 17:21 RaulSiteGround Team

    Your bot isn't letting me log in

    • Reply August 29, 2018 / 00:26 Hristo PandjarovSiteGround Team

      The bot challenges you with a captcha when detects you as maliciout load. Unless you're using a Tor browser or similar, that shouldn't be a problem. For further assistance, please contact our technical support team.

  87. Reply September 18, 2018 / 16:09 MikoSiteGround Team

    Hi Hristo,
    We recently transferred to SG and so far everything has been very smooth and support is great. A recent challenge, however blocked Google bot from crawling our CDN files.

    We use MaxCDN for our static content and our xml sitemaps are reference links to the CDN location of our files. When Googlebot tires to crawl our images for example, CDN logs show error: 502. Your anti-bot AI was blocking the requests because they were originating from MaxCDN IP ranges but not Google IPs.
    This sounds fine, however I expect MaxCDN to be whitelisted being a recognized CDN provider.

    The support guys acted quickly and whitelisted our domain in your anti-bot AI as a workaround.
    We really would like to take full advantage of your services and turning off anti-bot AI should not be the permanent fix in this case.

    Any help is appreciated! Thanks!

    p.s. Our account is hosted in your UK location.

    • Reply September 18, 2018 / 23:48 Hristo PandjarovSiteGround Team

      Thanks for your feedback, I will discuss this with our devops team and see if we can whitelist their IPs globally.

      • January 22, 2019 / 09:32 MikoSiteGround Team

        Hi Hristo,

        Just checking if MaxCDN has been whitelisted in your anti-bot system?

        Thank you very much!

      • January 23, 2019 / 01:27 Hristo PandjarovSiteGround Team

        We did update some rules and issue shouldn't happen anymore. Do you still have problems with that?

      • January 23, 2019 / 09:31 MikoSiteGround Team

        SG Support team whitelisted our domain in the anti-bot system as a workaround.
        If the MaxCDN IP ranges were whitelisted when I think it should be safe to re-arm the AI again but do not want to experiment.

      • January 24, 2019 / 03:08 Hristo PandjarovSiteGround Team

        Whitelisting a wide range of IPs is not the best way to do that because there's no guarantee that all the traffic coming from them is legitimate. We're getting fewer and fewer false-positives from the system and constantly improving its filters is much better in the long term.

  88. Reply November 15, 2018 / 13:48 Shelly HafflySiteGround Team

    I'm currently in the middle of developing a site and have been kicked out with this bot message - in the middle of working. Followed by another one, when I went to a different client site to update something else. Maybe the settings need to be eased up some. This is ridiculous.

    • Reply November 16, 2018 / 01:19 Hristo PandjarovSiteGround Team

      That's strange, once you solve the captcha from that address, you should not see it again for quite some time. Could you open a ticket in your Help Desk next time this happens so we can investigate and solve that.

  89. Reply November 15, 2018 / 17:25 HermanSiteGround Team

    seems like this is interfering with ezoic ad testing. Is there a way to white list ezoic?

    • Reply November 16, 2018 / 01:19 Hristo PandjarovSiteGround Team

      Thanks for reporting that, could you open a ticket in your Help Desk regarding that so we can troubleshoot with exact data and see what's triggering it exactly.

  90. Reply November 30, 2018 / 06:22 Stuart WilsonSiteGround Team

    Can you please stop using this on my site. If it continues, I am cancelling my siteground subscription.

    • Reply December 3, 2018 / 08:25 Hristo PandjarovSiteGround Team

      If you're experiencing issues with our anti-bot system, please open a ticket in your Help Desk, my colleagues will assist you further.

  91. Reply February 3, 2019 / 16:48 Jean-François CloutierSiteGround Team

    You should add geo local language, and be carefully about VPN traffic, because i get « Our system thinks you might be a robot!» when im connected to my VPN, and also i get a english langage message when my site is FRENCH!

    • Reply February 4, 2019 / 08:27 Hristo PandjarovSiteGround Team

      The AI system cannot know the language of your site, it detects pattern, considered bot traffic and shows a generic captcha in English. I am sorry for the inconvenience but I am sure your normal French visitors will never see that message.

  92. Reply February 18, 2019 / 15:12 GGSiteGround Team

    over the past week or two, i have gone from 3-4 failed and blocked login attempts per week to about 20 failed log ins per day, and that is with IP blocking on the 3rd failed attempt... doesn't seem to be working. Using wordpress and limit login attempts plugin...

    • Reply February 19, 2019 / 01:31 Hristo PandjarovSiteGround Team

      3-4 failed login attempts per week cannot be considered as brute-force attak, nor 20 per day. That's way too low threshold for banning an IP from our system.

  93. Reply February 24, 2019 / 22:29 Jes CSiteGround Team

    This makes working on client sites an absolute pain in the you-know-what. While the concept is solid, tThere needs to be an option to disable/enable it within the cpanel. It's absolute hell when I have to enter a captcha every time I try to view changes made.

    • Reply February 26, 2019 / 00:47 Hristo PandjarovSiteGround Team

      Please, open a ticket in your Help Desk, something you're doing is triggering the AI system. Once you solve the captcha you shouldn't see it again unless the same rules are triggered.

  94. Reply February 25, 2019 / 13:13 Theodore HildebrandtSiteGround Team

    I'm getting this captcha screen on every page load. It's frustrating. How do we turn it off?

    • Reply February 26, 2019 / 00:47 Hristo PandjarovSiteGround Team

      Please, post a ticket in your Help Desk so we can look into it.

  95. Reply March 12, 2019 / 01:23 FredericoSiteGround Team

    I need this to be in portuguese, my customers believe that my website is the problem when they see this challenge in english.

    • Reply March 14, 2019 / 06:51 Hristo PandjarovSiteGround Team

      I am afraid we cannot internationalize that message. However, your customers should not see that captcha challenge if it's a legitimate traffic.

  96. Reply March 13, 2019 / 11:09 AndySiteGround Team

    Is good that you allow to disable this anti-bot AI for entire website, otherwise can be a real problem.

    Ezoic ad network has thousands of IPs that were blocked, if they change some IPs and traffic is blocked is not good at all - can be a reason to choose another hosting.

    So is good to let the possibility to turn it off (good to make the option in CPanel too).

    • Reply March 14, 2019 / 07:23 Hristo PandjarovSiteGround Team

      You can always open a ticket in your Help Desk and request the protection to be stopped for your account. However, the system works for quite some time now and false-positives are very, very rare. So I think it's better to provide us with IPs you believe are incorrectly blocked so we can investigate further.

      • September 19, 2019 / 02:18 Kristof GheyssensSiteGround Team

        they don't seem so very, very rare. Client of ours had several people in the company who all got the captcha, not just one user.

      • September 20, 2019 / 00:27 Hristo PandjarovSiteGround Team

        Any chance they work in the same office? We block IPs so that's to be expected if one triggers the captcha with multiple incorrect login attempts for example, the rest to be challenged with it too.

  97. Reply April 21, 2019 / 15:29 ThomSiteGround Team

    There's got to be a better way. I'm not doing a captcha to read an article, I'll just move on. It also stopped me from making a purchase recently. The system thinks I might be a robot? Absurd. But then you don't need my money.

    • Reply April 22, 2019 / 00:22 Hristo PandjarovSiteGround Team

      People should not see a captcha in first place if the traffic is legitimate. It's difficult to get your IP flagged unless there's malicious traffic from it so I would not be worried about your customers having to solve it.

  98. Reply June 4, 2019 / 19:39 DariusSiteGround Team

    Great idea but its very bad for the visitors. They will just back out instead of doing the captcha to read, view, or purchase. I requested the feature to be taken off of my account. I recommend this not being a default feature on the accounts. Let your customers use something else like Cloudflare that focus on fighting bots.

    • Reply June 6, 2019 / 23:57 Hristo PandjarovSiteGround Team

      Normal users should never see the captcha challenge. It requires detected malicious activity to blacklist an IP address and those lists are constantly updated. This service saves tons of hosting resources to customers from bad bot traffic and I really don't recommend turning it off. By the way, Cloudflare use captcha to confront bots too.

  99. Reply June 16, 2019 / 01:01 PrashantSiteGround Team

    Can the AI anti-bot be made intelligent enough to whitelist traffic from popular speedtest tools such as GTmetrix & Webpagetest? Its difficult to measure speed of our sites when we see siteground captcha validation while testing speed of our website. I raised a support ticket also, but it isn't helping

    • Reply June 18, 2019 / 03:18 Hristo PandjarovSiteGround Team

      We are not blocking that traffic. It's something with your particular account and we've already replied to your ticket 🙂

  100. Reply October 12, 2019 / 12:39 IlyesSiteGround Team

    Also, you should at least whitelist traffic coming from search engines, i activated a VPN on incognito window to check how my website is performing, i clicked my website link on google search results and i found robot challenge screen.

    • Reply October 13, 2019 / 23:25 Hristo PandjarovSiteGround Team

      Search engines do not get challenged with captcha. However, it seems your VPN address has been used for activities, marked as malicous by our system, thus the captcha screen.

  101. Reply December 6, 2019 / 01:44 SouravSiteGround Team

    Hi Hristo, While your intentions are good, the BOT challenge page being served to even human traffic is a big put off . An eCommerce client of ours has lost traffic and visitors . Their FB campaigns have sent visitors to the website who see a Captcha page instead. So it seems the AI cant distinguish yet traffic correctly. My client might shift his hosting to another provider if no there is no resolution.

    • Reply December 6, 2019 / 02:56 Hristo PandjarovSiteGround Team

      Our AI service does not block IPs unless there are malicious traffic coming from that. This said, please open a ticket in your Help Desk and provide my colleagues with details about the issues so we can investigate and see what can be done.

  102. Reply December 18, 2019 / 13:04 JTurnerSiteGround Team

    Completely agree with SOURAV. This should be opt-in only.

    • Reply December 19, 2019 / 01:36 Marina YordanovaSiteGround Team

      Hello JTurner, thank you for your comment. Currently, you cannot opt-out of it, but our team will be able to assist you if you should stumble upon a particular problem with the anti-bot AI. So, please be sure to post a ticket to our Support team.

  103. Reply January 7, 2020 / 13:11 ScottSiteGround Team

    Can you at least make the captcha page redirect to the original requested page instead of going to the root domain. For whatever reason you think the company I work for is a bot, but the most annoying thing is having to enter the captcha and then go back to google and reclick the link.

    • Reply January 8, 2020 / 00:57 Hristo PandjarovSiteGround Team

      The system is indeed configured to redirect to the requested page after successfully solving the captcha. If it redirects to your homepage, most probably there's something within your site config doing it. Furthermore, please note that we don't start challenging with captcha unless numerous bad login attempts are made per time frame, so normal traffic should not be affected. Make sure your saved passwords are up-to-date and if there isn't any software generating incorrect logins on your network. If the issue persists, please contact our support team with a ticket and we will investigate further.

Reply to Hristo Pandjarov Cancel

* (Required)