Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsIT Pro and developersWordpress attempted logins - hugely increased October 2015
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
michaelmurfy
meow
13242 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1408206 17-Oct-2015 13:08
Send private message

A site I host ended up getting this a couple of months ago. I was at first adding the IP addresses the attack was coming from to the iptables rules on the server but this ended up getting a little tedious. I ended up upping my Linode plan until I could figure out what was going on. That day, I wrote a .htaccess file which solved the issue for me.

 

RewriteEngine On
 
RewriteBase /
 
RewriteRule ^index\.php$ - [L]
 
RewriteCond %{REQUEST_FILENAME} !-f
 
RewriteCond %{REQUEST_FILENAME} !-d
 
RewriteRule . /index.php [L]
 
RewriteRule ^xmlrpc\.php$ "http\:\/\/0\.0\.0\.0\/" [R=301,L]

 

This site is rather popular and after adding the .htaccess file into the site-owners wordpress folder I saw the issue was resolved. They were hitting the webserver for a wee while and just getting 403's for everything. 




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.



timmmay

20578 posts

Uber Geek

Trusted
Lifetime subscriber

  #1408215 17-Oct-2015 13:19
Send private message

According to CloudFlare I'm getting big spikes of traffic, which are likely attacks - I'm on the free plan so I can't tell. One of my sites usually has 3K uncached hits a day, it jumped to 50K. The traffic doesn't make it to Google Analytics, web server logs say a fair bit of traffic to the wordpress login page - not the xml endpoint. I have backups and I don't mind too much if the sites go down, so I'll probably just ignore it.

michaelmurfy
meow
13242 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1408223 17-Oct-2015 13:33
Send private message

timmmay: According to CloudFlare I'm getting big spikes of traffic, which are likely attacks - I'm on the free plan so I can't tell. One of my sites usually has 3K uncached hits a day, it jumped to 50K. The traffic doesn't make it to Google Analytics, web server logs say a fair bit of traffic to the wordpress login page - not the xml endpoint. I have backups and I don't mind too much if the sites go down, so I'll probably just ignore it.


Install Jetpack (https://wordpress.org/plugins/jetpack/) and enable the brute force protection. I wouldn't recommend ignoring it even if you have backups.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.



timmmay

20578 posts

Uber Geek

Trusted
Lifetime subscriber

  #1408229 17-Oct-2015 13:46
Send private message

michaelmurfy:
timmmay: According to CloudFlare I'm getting big spikes of traffic, which are likely attacks - I'm on the free plan so I can't tell. One of my sites usually has 3K uncached hits a day, it jumped to 50K. The traffic doesn't make it to Google Analytics, web server logs say a fair bit of traffic to the wordpress login page - not the xml endpoint. I have backups and I don't mind too much if the sites go down, so I'll probably just ignore it.


Install Jetpack (https://wordpress.org/plugins/jetpack/) and enable the brute force protection. I wouldn't recommend ignoring it even if you have backups.


I use both CloudFlare and Wordfence. Wordfence protects against this as well.

1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright