WordPress under attack, any advice?

brickharbor

Throughout the day today, someone has been sending 40-60 requests per minute to try and get into my site. From 10pm to now (20:46 GMT), it's still going on.

I have the Cerber plugin installed but I don't feel like that's enough. Does anyone have any advice on what I could do to make it even harder for whoever it is trying to get in?

Screen Shot 2018-01-09 at 20.47.12.png
 

colinsunderland

Using SSH, do something like this:

# Record each new connection to port 80 in the "recent" list
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
# Drop new connections from a source IP already seen 3 times in the last 180 seconds
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 180 --hitcount 3 -j DROP
iptables-save >/etc/iptables.up.rules

This will drop any connection if the same IP tries 3 times within 3 minutes. It won't stop it completely but should slow them down massively.

Edit: have a look here for more info on it - he uses 10 and 1 minute but the principle is the same

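Added example (not part of colinsunderland's post or the linked article): the same "N attempts within T seconds per IP" principle applied to web-server access-log lines, counting only POSTs to wp-login.php and xmlrpc.php instead of every new connection on port 80. It assumes the Apache/nginx combined log format; `flag_bruteforce` is a hypothetical name and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Combined-log-format fields we need: client IP, timestamp, method, path.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')
# Endpoints named in this thread as targets (login page and XML-RPC).
LOGIN_PATHS = ("/wp-login.php", "/xmlrpc.php")

def flag_bruteforce(lines, hitcount=3, seconds=180):
    """Return {ip: time it first reached `hitcount` login POSTs within `seconds`}."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # skip malformed lines rather than crash
        ip, stamp, method, path = m.groups()
        if method != "POST" or not path.split("?")[0].endswith(LOGIN_PATHS):
            continue              # ordinary page views never count as attempts
        ts = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        window = recent[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > seconds:
            window.popleft()      # forget attempts older than the window
        if len(window) >= hitcount and ip not in flagged:
            flagged[ip] = ts
    return flagged

# Constructed sample lines (documentation-range IPs), not taken from the thread.
SAMPLE = [
    '192.0.2.9 - - [09/Jan/2018:20:00:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '192.0.2.9 - - [09/Jan/2018:20:02:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '192.0.2.9 - - [09/Jan/2018:20:04:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '203.0.113.7 - - [09/Jan/2018:20:40:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '198.51.100.4 - - [09/Jan/2018:20:40:02 +0000] "GET / HTTP/1.1" 200 9000',
    '203.0.113.7 - - [09/Jan/2018:20:40:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '203.0.113.7 - - [09/Jan/2018:20:40:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370',
    'not a log line',
]

if __name__ == "__main__":
    for ip, ts in flag_bruteforce(SAMPLE).items():
        print(f"{ip} reached the threshold at {ts.isoformat()}")
```

With the defaults of 3 attempts in 180 seconds, only the rapid source is flagged; the source that posts once every two minutes stays under the window, which shows how the choice of window and count decides what gets caught.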
 

dunover

For a DOS attack it would be pathetic, sounds more like blackhat SEO is being placed on your site. You'll find most is from Russia, or bots they have control of.
 

brickharbor

> For a DOS attack it would be pathetic, sounds more like blackhat SEO is being placed on your site. You'll find most is from Russia, or bots they have control of.

Someone who knows more than me had a look and said it was just a script someone is running to hack into the site.

> Surely it was a hack attempt, as the target was the login?

Yup it looks that way.

> change the wp-login page to something else, then install wordfence and have it insta block anyone who accesses that page

Whitelisted myself and blocked every IP trying to access wp-admin/login/XML etc. Got 1426 lockouts so far and it's still going!

Why anyone would want to get into my site is completely beyond me. I'm not getting that much traffic or making that much money from it, and it's a thin site. Weird.
 

conker

I wouldn't be taking it personally, they are not focused on your website alone. There are a lot of scammers out there trawling the web with bots to find weak and vulnerable wp sites. Typically their aim is to inject their spammy links, cause mischief or add crap content that ranks for 5 minutes.

We invested in the Premium version of Wordfence, about $60 a year, and haven't looked back. Even the free version will work wonders.
 

Webzcas

This thread is a few months old, but nonetheless I am resurrecting it. I have just written a write-up about Wordfence and what you get from the free version, and also the benefits of shelling out $99 a year for the Premium version.

Seriously, if you generate revenue from a website that you manage and it utilises WordPress, you need to install the Wordfence plugin.
