WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
Hacker attempting URI "/not_found" (3 posts)

  1. joeaschoff
    Member
    Posted 1 year ago #

    Somehow our website has come under scrutiny by a hacker from Saudi Arabia. We were originally hacked and I installed Better WP Security, along with implementing a number of other security measures.

    It seems to be working so far. However, every couple of days, I notice that I get a 404 error in the log where a different IP range from Saudi Arabia attempts to access the URI "/not_found"

    Does anyone know how I can prevent others from even accessing the site via that URI? I was going to try and block the IP ranges, but every time it's a different range apparently. There's a screenshot of the entry here.

    They've managed to hack the site and inject files into my folders through this method in the past (prior to Better WP Security) and I want to make sure I'm fully addressing the vulnerability.

    Thanks,

    Joe

    http://wordpress.org/extend/plugins/better-wp-security/

  2. Handoko
    Member
    Posted 1 year ago #

    Have you heard Bad Behavior plugin? It sounds interesting, it will analyze and automatic block visitors that try making weird things on your site, the things usually done by hack/spam bots. It will also use IP blacklists from several servers for blocking.

    Better WP Security + Bad Behavior = awesome. I used both of them. Here is the link to the plugin:
    http://wordpress.org/extend/plugins/bad-behavior/

    Unfortunately, a year ago there was report said Bad Behavior blocking GoogleBot, so I uninstalled it from my websites. Perhaps the bug has been solved. More info here:
    http://wordpress.org/support/topic/plugin-bad-behavior-blocking-google-bot

    You may also try WP SlimStat, it's a web analytics plugin. It has feature to track bots so you can see what the bots were trying to access. Useful for studying hacker activities on your site rather than showing URI "/not_found" (Better WP Security). Here is the link to the plugin:
    http://wordpress.org/extend/plugins/wp-slimstat/

    BulletProof Security plugin sounds promising. I never tried, but the author of BulletProof Security said it can work harmony with Better WP Security. Here is the link:
    http://wordpress.org/support/topic/plugin-interactions-bulletproof-security-better-wordpress-security

    Hope my suggestions could be useful.

  3. joeaschoff
    Member
    Posted 1 year ago #

    Thank you very much; I will try that!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.