If your WordPress site is showing a ‘429 Too Many Requests’ error, follow these steps to resolve the issue.
Cause: Your site is getting hit with too many requests, often due to bots or overzealous security settings.
Step 1: Check for Malicious or Excessive Requests
Install a security plugin like Wordfence or Sucuri.
Scan your site for excessive bot traffic or brute-force attacks.
Block suspicious IPs using your security plugin or .htaccess file: order allow,deny
deny from 123.456.789.000
allow from all
Step 2: Deactivate Plugins Temporarily
Go to wp-content/plugins/ via FTP or File Manager.
Rename the plugins folder to plugins_backup.
Try reloading your site.
If the issue is resolved, restore the folder name and reactivate plugins one by one to identify the culprit.
Step 3: Switch to a Default Theme
Access wp-content/themes/ via FTP.
Rename your active theme folder (e.g., mytheme_old).
WordPress will switch to a default theme like Twenty Twenty-Four.
If the issue disappears, your theme may be making too many requests.
Step 4: Limit API and Login Requests
If your hosting provider is rate-limiting login attempts, consider using a plugin like Limit Login Attempts Reloaded.
If a third-party service (e.g., a plugin or API) is sending too many requests, review and optimize API usage.
Step 5: Disable Heartbeat API
Install the Heartbeat Control plugin or manually disable the API by adding this to functions.php: add_action(‘init’, ‘stop_heartbeat’, 1);
function stop_heartbeat() {
wp_deregister_script(‘heartbeat’);
}
Step 6: Contact Your Hosting Provider
Some hosts enforce strict rate limits on shared servers.
Contact your hosting provider and ask if they are blocking requests.
If needed, upgrade to a higher-tier hosting plan.
Conclusion
Following these steps should help resolve the ‘429 Too Many Requests’ error. If the issue persists, optimizing traffic control and switching to a more robust hosting plan may be necessary.