- A remarkable concurrence of events or circumstances without apparent causal connection.
After the annual automatic renewal of my hosting account, I encountered a problem I have never experienced before. I could not access my website nor my blog. I could not even logged in to my WordPress account. Each attempt ended up on this screen:
At first, I thought my site(s) had been hacked; yet, the above graphic was familiar. Fortunately, it didn’t take me long to remember seeing it in this blog post: How Our New Anti-Bot AI Prevents Millions of Brute-Force Attacks. Still, why did SiteGround Anti-Bot AI block me?
As explained in SiteGround‘s post, this prevention system aims at blocking malicious traffic or, more specifically, potential unauthorized logins attempts by bots2. These brute force attacks consist in trying different combinations of usernames and passwords and are generally unsuccessful
if you have a strong password. Still, this bot traffic uses huge amount of server resources.
For this reason (i.e.
to save an enormous amount of server resources), SiteGround developed a system
able to collect and analyze simultaneously the data from all [their] servers. Apparently, this so-called Artificial Intelligence (AI) can
detect malicious [behavior] patterns and block bad traffic. Here are two examples of bad behavior:
- Failed login attempts in CMS platforms
- Number of simultaneous connections to different URLs
The main difficulty with fighting the bot activity is that bots are very clever and elusive. Bot attacks use different IPs and user agents, and often the data from attempts aimed at a single site login, or even a single server, is not good enough to determine a brute-forcing bot.Hristo Pandjarov
Clearly, this is not the case with SiteGround Anti-Bot AI. For a reason that remains to be determined (i.e. I don’t think that I fit any of the patterns monitored by their AI), their system flagged my IP address as malicious and challenged me with the above Captcha page.
The system is learning continuously how to minimize false positives. If a human visitor reaches the captcha page and solves it, the address/agent related to this solution is whitelisted.Hristo Pandjarov
For the last few days, we have been gradually launching a new AI-based bot prevention system on our servers developed by our own DevOps specialists.Hristo Pandjarov
The post about their “New Anti-Bot AI” was posted on May 04, 2017; that is almost four years ago! During this time, I have never seen this Captcha page. Given the number of brute forced attacks blocked by my security plugin, I was even wondering about the efficacy, or even the actual existence, of this Anti-Bot AI. However, I know from experience that “gradually” can mean eons with SiteGround (see SiteGround New Client Area and Site Tools – part 8). I would not be surprised if it took them that long to implement their system on the servers hosting my account.
I don’t think so. On the other hand, the
remarkable concurrence of events between the renewing of my shared hosting account (the day before) and this incident is quite perplexing. Still, this does not explain why their AI flagged my IP address as malicious. I did not fail to login in WordPress, I did not connect simultaneously to multiple sites. Simply, I am not a bot.
On a slippery slope!
I was already irritated with the 30% increase in my hosting bill (see Is the hike in SiteGround prices justified?); not to mention the removal of my backup solution (see SiteGround New Client Area and Site Tools – part 9). But as to blocking my access to my own site(s)…
1 Coincidence (2010) Oxford Dictionary of English – Third Edition. Oxford University Press. ^
2 An autonomous program on a network (especially the Internet) which can interact with systems or users. Typically, they perform tasks that are simple and repetitive. Deplorably, bots are often used to launch malicious attacks. ^
3 Cal Evans (2021) What are Brute Force Attacks and Why YOU Don’t Have to Worry About Them. SiteGround. ^