Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author AITpro

    (@aitpro)

    Yep, there is another increased surge/wave of Brute Force Login Attacks going on again right now. We are getting slammed with emails from folks about this. We have created this Forum Topic below, which has some additional methods you can use to protect your site. More specifically what you can do about protecting publicly displayed usernames / user accounts / Login names / User IDs on your website.

    http://forum.ait-pro.com/forums/topic/all-login-ids-locked-out/#post-13608

    Plugin Author AITpro

    (@aitpro)

    Oh and to get back into your website use FTP or your web host control panel file manager, rename the /bulletproof-security plugin folder to /__bulletproof-security so that you can log into your site. Once you are logged in then rename the /bulletproof-security folder name back to its correct folder name. Then do the recommended step of creating an additional Admin user account that is NEVER used for posting posts and is ONLY used for logging into your site.

    Thread Starter robotor

    (@robotor)

    Thank you.
    Unfortunately for me we have a community site with member pages, so I’m unable to hide my admin account. Strangely though the other accounts aren’t getting brute-forced. I did create a backup admin account though, and the passwords are all super strong.

    Like clockwork my account is getting locked every hour. I have it set to lock after 3 attempts.

    I’m using another activity monitoring plugin which shows me the attempted password. They are going through the dictionary.

    Plugin Author AITpro

    (@aitpro)

    Yep, login attacks are usually automated. Have you tried using this Brute Force Login protection code below? On our sites this blocks around 200,000 login attacks per month (around 80% – 90%). A large majority of these automated login attacks use the HTTP/1.0 protocol.

    http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/

    # BRUTE FORCE LOGIN PAGE PROTECTION
    # Protects the Login page from SpamBots, HackerBots & Proxies
    # that use Server Protocol HTTP/1.0 or a blank User Agent
    RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
    RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
    RewriteRule ^(.*)$ - [F,L]
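
An added example, not part of the original post or the plugin's own code: a Python script that replays the RewriteCond logic above over Apache combined-format access log lines, showing which wp-login.php requests the rule would refuse and which clients would still reach the login page. The log lines are constructed, and treating a logged "-" as a blank User-Agent is an assumption about the log format.

```python
import re
from collections import Counter

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<uri>\S+) (?P<proto>[^"]+)" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def is_login_uri(uri):
    # REQUEST_URI excludes the query string; the rule matches any path containing wp-login.php
    return "wp-login.php" in uri.split("?", 1)[0]

def rule_would_block(uri, proto, ua):
    """Mirror the RewriteCond chain: login URI AND (blank UA OR HTTP/1.0)."""
    blank_ua = ua in ("", "-")  # assumption: a missing/empty header is logged as "-" or ""
    return is_login_uri(uri) and (blank_ua or proto == "HTTP/1.0")

def summarize(lines):
    """Return (blocked, passed) Counters of wp-login.php requests per client IP."""
    blocked, passed = Counter(), Counter()
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or not is_login_uri(m["uri"]):
            continue  # unparsable line or not a login request
        hit = rule_would_block(m["uri"], m["proto"], m["ua"])
        (blocked if hit else passed)[m["ip"]] += 1
    return blocked, passed

# Constructed sample lines using documentation IP ranges; not taken from the thread.
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "POST /wp-login.php HTTP/1.0" 200 3120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "POST /wp-login.php HTTP/1.0" 200 3120 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [01/Jan/2024:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "-"',
    '198.51.100.99 - - [01/Jan/2024:10:00:04 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0 (X11)"',
    '198.51.100.99 - - [01/Jan/2024:10:00:05 +0000] "GET /blog/wp-login.php?action=lostpassword HTTP/1.1" 200 900 "-" "Mozilla/5.0 (X11)"',
    '192.0.2.10 - - [01/Jan/2024:10:00:06 +0000] "GET /index.php HTTP/1.0" 200 512 "-" "-"',
]

if __name__ == "__main__":
    blocked, passed = summarize(SAMPLE)
    print("refused by rule:", dict(blocked))
    print("still reaching wp-login.php:", dict(passed))
```

Clients in the second group send HTTP/1.1 with a User-Agent, so they fall to the login lockout and CAPTCHA measures discussed elsewhere in the thread.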

    Plugin Author AITpro

    (@aitpro)

    Our BuddyPress/bbPress Forum site draws the most attention from hackerbots & spambots. We are using our JTC Anti-Spam / Anti-Hacker feature, which is basically a beefed up CAPTCHA plugin. If you are looking for a free plugin alternative then install the SI CAPTCHA Anti-Spam plugin, which should significantly reduce the number of login form attacks.

    Plugin Author AITpro

    (@aitpro)

    Any luck?

    Thread Starter robotor

    (@robotor)

    Yes, that stopped them cold, thanks!

    Plugin Author AITpro

    (@aitpro)

    Which things did you do? Just the Brute Force Login Page protection code or both the code and a CAPTCHA plugin?

    Plugin Author AITpro

    (@aitpro)

    Resolved.

  • The topic ‘admin locked out’ is closed to new replies.