Site Down? Diagnose Why
Figure out if it’s traffic, an attack, or something else—and fix it fast.
What this covers: A rapid diagnostic framework for site outages: distinguishing between traffic spikes, DDoS attacks, and server failures, with step-by-step response plans for each scenario including Cloudflare setup and host escalation.
Who it’s for: Site owners whose website is currently down or experiencing performance issues and need to quickly identify the cause and fix it.
Key outcome: You’ll diagnose whether your outage is caused by real traffic, a malicious attack, or a server issue, and follow the matching response plan to get back online.
Time to read: 6 minutes
Part of: Security & Infrastructure series
Your site is slow or completely unreachable. Customers are emailing, your phone is buzzing, and you need answers. Is this a good problem (viral traffic spike) or a bad one (attack or server failure)?
This guide covers: How to diagnose why your site is down and what to do for each scenario.
Quick Diagnosis: What Kind of Problem?
Site outages have three common causes. Here’s how to tell which you’re dealing with:
| Symptom | Likely Cause |
|---|---|
| Analytics shows huge spike, site is slow | Traffic spike (good problem) |
| Analytics normal, site unreachable, server logs show flood | DDoS attack (malicious) |
| Analytics normal, site unreachable, nothing unusual in logs | Server/hosting issue |
Step 1: Check Your Analytics
Open Google Analytics → Real-Time → Overview.
- Huge spike in users: You’re going viral. Skip to “Traffic Spike Response” below.
- Normal or low traffic: The problem isn’t real visitors. Continue to Step 2.
Real traffic shows in analytics. Bot attacks usually don’t (bots don’t execute JavaScript).
Step 2: Check Your Host Status
Before assuming you’re under attack, check if your host is having issues:
- Log into your hosting dashboard – any alerts or maintenance notices?
- Check your host’s status page (most have one)
- Check DownDetector for your hosting provider
If your host is having issues, you’re not alone and they’re probably already working on it.
Step 3: Check Server Logs or CDN
If you use Cloudflare or another CDN, their dashboard shows traffic analysis:
- Requests from many different IPs, normal patterns: Real users
- Requests from few IPs or same IP ranges: Likely attack
- Huge volume to login page or wp-admin: Brute force attack
- Requests to random/nonexistent URLs: Bot probing
Traffic Spike Response
Good news: real people want to visit your site. Bad news: your server can’t handle it. Here’s how to cope:
Immediate Actions
- Enable aggressive caching: If using WordPress, install and activate W3 Total Cache or WP Super Cache
- Contact your host: Ask them to temporarily increase resources
- Simplify your pages: Temporarily disable heavy plugins, switch to a lighter theme
- Add Cloudflare: Free tier provides CDN caching that offloads your server
Prevent Next Time
- Use a CDN permanently (Cloudflare free tier is fine for most sites)
- Consider managed WordPress hosting (WP Engine, Kinsta) with built-in scaling
- Load test before big launches with Loader.io (free tier available)
DDoS Attack Response
Fake traffic designed to overwhelm your server. Here’s how to fight back:
Immediate Actions
- Enable Cloudflare “Under Attack” mode: Adds a JavaScript challenge that blocks most bots
- Turn on rate limiting: In Cloudflare or your host’s firewall
- Block suspicious IP ranges: If you see patterns in logs, block those ranges
- Contact your host: They can often null-route attack traffic at the network level
Cloudflare Quick Setup
If you don’t have Cloudflare yet, it’s the fastest path to DDoS protection:
- Sign up at cloudflare.com (free plan works)
- Add your site and follow the setup wizard
- Update your nameservers to Cloudflare’s (instructions provided)
- Enable “Proxy” (orange cloud) for your DNS records
- Turn on “Under Attack” mode if actively under attack
Takes about 30 minutes to set up. The free plan includes DDoS protection.
Server/Hosting Issue Response
If it’s not traffic and not an attack, something’s wrong with your server:
- Contact your host’s support – they can see server-level issues you can’t
- Check recent changes: Did you install a plugin, update WordPress, or change anything recently?
- Check error logs: If you have access, look for PHP errors or memory issues
- Restore from backup: If a recent change broke things, roll back
For ongoing slow performance (not an outage), see Fix a Slow WordPress Site.
Sources
Site Downtime Questions Answered
How do I tell if my site is down for everyone or just me?
Use downforeveryoneorjustme.com or isitdownrightnow.com. These check your site from external servers. If it’s up for them but down for you, the issue is your ISP, DNS cache, or local network—try flushing DNS or using a VPN.
What are the most common reasons a WordPress site goes down?
Plugin conflicts after updates (35% of outages), exceeded hosting resource limits from traffic spikes (25%), expired domain or SSL certificates (15%), database connection errors (10%), and DDoS attacks (5%). Check your hosting dashboard and error logs first.
How quickly should my host respond to a downtime ticket?
Managed WordPress hosts (WP Engine, Kinsta, Flywheel) typically respond within 5-15 minutes for priority/emergency tickets. Shared hosting support averages 30-60 minutes. If your host takes longer than 1 hour during a full outage, escalate immediately or consider migrating.
Should I set up uptime monitoring?
Yes. Free tools like UptimeRobot check your site every 5 minutes and alert you via email, SMS, or Slack before visitors or clients notice. Paid tools like Pingdom add response time tracking and root cause analysis. Set up monitoring before you need it.
✓ Confirming Your Site Is Back Online
- Your site is back online and loading normally
- You’ve identified what caused the outage (traffic, attack, or server)
- You have a prevention plan (CDN, caching, or host upgrade)
If attacks continue: Cloudflare’s paid plans (/mo) include more aggressive DDoS mitigation.