Have you encountered the dreaded 429 error in WordPress? This error is commonly referred to as the error of the too many requests and is one of the many common WordPress errors you will encounter on the platform. Unlike other error messages, this one does not give you any clue as to what is causing it.
The error will cause your website to become inaccessible, so it is very important to begin troubleshooting it immediately. This can be extremely frustrating for new WordPress developers, but don’t worry, there are a few potential solutions to fix it.
Today, I will demonstrate how to resolve the 429 error message in WordPress.
What Causes the Too Many Requests error Error Message?
As the error message suggests, there are too many requests being made on your website. The problem is these requests can be from a lot of users trying to access your website at once, bots flooding your website, or plugins and custom scripts trying to access your website.
You might be wondering why too much traffic is a problem and the answer is simple, your web host cannot handle it.
To be more specific, the server does not have the resources it needs. Every time a visitor, bot, or script sends a request to the website the server tries to accept it. A server doing its job will try to accept every single request, but servers have limits.
These requests use the server’s valuable RAM and once it is all consumed, the error will appear. Larger websites will have to pay for better equipment to handle the traffic. This is what will occur during a DDOS attack.
How to Fix Error 429 Too Many Requests in WordPress
Today, I will demonstrate how to resolve the 429 error message in WordPress. I will go over a few simple solutions that can help you identify the problem. Many people like to jump to the conclusion that their website is being DDOS attacked.
Though this might be the case, usually, only bigger websites become the target of DDOS attacks. It is more than likely that there is something wrong with your website.
Method 1: Check Your Plugins
Plugins are used for almost anything now and it is very likely that one may be causing the problem. The problem is identifying which one. It is always recommended to use as few plugins as possible.
Not only can they slow down your website, but in situations like this, having a lot of them can make it difficult to determine a problem. I will show you how to deactivate your plugins.
On the left-hand admin panel, click on Plugins and select the Installed Plugins option. If you have not set up automatic updates, take this time to make sure all of your plugins are up to date.
The process is very simple. I recommend going through each plugin one at a time. You want to deactivate the plugin and see if the error message is resolved, if it is not, reactivate the plugin and try the next one.
Of course, you may be using a lot of plugins, which can slow down your website. Using the one-by-one approach may require too much time. If this is the case, use the bulk action to deactivate your plugins and check if the issue is resolved, if it is, then you now need to determine which plugin is the culprit.
If you have found that one of your plugins is causing the issue, check to see if you have changed any settings that would cause this and, if not, contact the plugin creator to alert them about the error.
Method 2: Check Your Theme
One of the biggest selling points of premium themes is the functionality they build into them. Of course, what is a selling point to one person, is the opposite for others.
Many web developers feel that built-in plugins can feel restricting and websites should avoid these. These built-in plugins could be the cause of the error.
On the left-hand admin panel, click on Appearance and select the Themes option.
Change your premium theme to another theme that does not have built-in features.
Check to see if this has fixed your error. If it has, let the theme’s creator know about the issue.
Method 3: Change Your Default Login URL
The most common cause of the 429 error is actually brute force attacks. This is where a hacker continuously attempts to log into your website over and over using different usernames and passwords.
Due to the sheer amount of login attempts, it’s very possible they are the cause, and these hackers use bots to carry out the attack.
One way to guard yourself against it is to change the default URL for your login area.
By default, every WordPress website has a similar URL structure, and that makes it easy to find. But if you change that URL, it’s more difficult for hackers.
Does it solve the problem entirely? No. Does it help? Absolutely.
One way to accomplish this is by using the WPS Hide Login plugin. The plugin is very simple. Upon installation, all you need to do is go into the settings and customize what the login URL should be.
This makes it so only someone familiar with the website will know how to log into the admin section.
You should also take a few moments to customize the login page. For instance, you can set it to accept email credentials or usernames. Changing it up will prevent a lot of bots as you no longer accept the default layout.
If All Else Fails, Contact Your Web Host
If these steps do not fix the problem, the issue is most likely not your fault. Contact your web host to find out what is going on. This can be many things. It could be a DDOS attack, but it is also likely that a third-party service is responsible.
It is no secret that search engines use bots to properly determine the rank of your website. Sometimes things can go wrong and they could send too many requests.
Let’s say a request from one of these third-party services is blocked by something. The third-party service will be programmed to try again. This could easily get out of hand and you will see a lot of requests coming from one party.
If contacting your web host does not lead to any results, you should consider switching web hosts.
Was a plugin causing the problem? Was your web host able to help you?