Get exclusive CAP network offers from top brands

View CAP Offers

WP Brute Force Attacks Continue

[bsa_pro_ad_space id=2]
  • This topic is empty.
Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #834173
    Anonymous
    Inactive

    cant you just relocate the actual admin cp page location?

    I thought wordpress allowed you to set the path to them, I don’t use WP but I would assume that is pretty basic.

    #834175
    gokken
    Member

    The login for WP resides on the root, not in a folder. EG yourdomain.com/wp-login.php
    Hence its this inherent issue which causes the headaches.

    Could probably move it to a folder but would have to hack core files, along with theme files. Both could produce further security issues. Also a right PITA with WP and theme updates.

    May also stop some plugins working etc etc.

    #834184
    funalice2003
    Member

    Hi,

    this really sucks… isnt there any way to try to block the attacks from the hosting provider side? Maybe they can increase the security for your site specifically and add some firewall rules?

    #834186
    gokken
    Member

    @clara.affactive 252878 wrote:

    Hi,

    this really sucks… isnt there any way to try to block the attacks from the hosting provider side? Maybe they can increase the security for your site specifically and add some firewall rules?

    +

    Hi Clara,

    Yep it sucks big time!

    I have security in place which blocks IP’s. However, with bot nets they cycle through literally 10,000’s of thousands of IP’s in different C-classes. Hence blocking an IP or even an entire IP block range is useless. Not to mention, blocking out legitimate visitors.

    This time the attack (seems) to have originated from a single IP. But, that could have been a hacked PC, an open proxy or a hacked server, which is then used in hacking attempts.

    I have updated to using min 17 character p/w’s with upper/lower case, numbers and special characters. I’ve also hardened both VPS’s, including the firewall.

    I doubt if anyone could gain brute force entry. But, the BIG issue is getting hammered like this by a number of persistent multiple attacks. It’s like a mini DDOS attack. While it doesn’t take down the box, it does cause major performance issues while it lasts.

    The only other option I can think of (which wont cost me an arm and leg), is to use something like CloudFlare.com, though I’ve heard good and bad things about this service. Right now, I’m not really sure what to do. Kinda stuck between a rock and a hard place.

    #834271
    bobkogon
    Member

    @AussieDave 252881 wrote:

    +
    The only other option I can think of (which wont cost me an arm and leg), is to use something like CloudFlare.com, though I’ve heard good and bad things about this service. Right now, I’m not really sure what to do. Kinda stuck between a rock and a hard place.

    Hi Dave,

    Why don’t you use Wordfence Security plugin? Free version is pretty useful and has a feature that allows you to automatically ban any IP that fail to login “x” nr of times.

    #834273
    Anonymous
    Inactive

    There at it again today,,, have about 100 different attempts on 2 sites.. Getting tired of banning ips

    #834278
    gokken
    Member

    @jopaa 253005 wrote:

    Hi Dave,

    Why don’t you use Wordfence Security plugin? Free version is pretty useful and has a feature that allows you to automatically ban any IP that fail to login “x” nr of times.

    Already do mate.

    The inherent problem with plugins like this and others, they don’t actually prevent these scum bags gaining access to the login page. In addition, blocking IP’s is a waste of time. 95% of these brute force hack attempts are coming from botnets, who have access to 10’s of thousands, if not 100’s of thousands of infected PC’s, servers etc etc. That’s a lot of IP’s to block, which does no good at all.

    I think my best alternative is to use a service like CloudFlare, where my site sits behind whatever they use. CloudFlare stops them at the door, before these jerks get access to the site.

    Wordfence and others are good for script kiddies and anyone using a single IP. However getting hammered by 1000’s of IP across changing C-Classes, these security plugins are a waste of resources.

    #836183
    Anonymous
    Inactive

    I faced this same problem before with some of my WP sites… I actually installed Limit Login Attempts plugin so it would just block them after 2 or 3 failed login attempts. Seamed to help the problem a little…

    #837176
    Anonymous
    Inactive

    stop using WP…. sorry…. but that is where the problem starts…. it sucks ass

Viewing 9 posts - 1 through 9 (of 9 total)