WordPress.org


Forums

How do I stop the attack? Or at least better protect my site. (12 posts)

  1. keeperbay
    Member
    Posted 1 year ago #

    In the last 6 hours my site has detected nearly 300 failed login attempts [limit login attempts plugin].

    I have WP-Ban and I have banned all the IPs but it's never ending! I can't block them fast enough.

    Is there a way to move my login page?
    Or can I just remove the wp-login.php until the next time I want to log in, but still remain logged in? And if I remove the wp-login.php will it still keep others from logging in?

    I need more than just backing up my database and changing my password, I need to move the login or something drastic.

    What kind of crazy attack is this?

  2. WPyogi
    Volunteer Moderator
    Posted 1 year ago #

  3. keeperbay
    Member
    Posted 1 year ago #

    This is STILL the Brute Force Attack?
    I thought that was over?
    Good grief. Thanks.

  4. esmi
    Forum Moderator
    Posted 1 year ago #

    You could try adding:

    <files wp-login.php>
    order allow,deny
    deny from all
    allow from 127.0.0.1
    </files>

    to the top of your root .htaccess file - replacing 127.0.0.1 with the IP address that you normally log in from.

  5. keeperbay
    Member
    Posted 1 year ago #

    Umm, that doesn't tell me how to move the Login Page tho.
    My hosting company can't control the attack, I can still log in, I want to move my login.

  6. keeperbay
    Member
    Posted 1 year ago #

    esmi, cross posted.
    Thank you, that will work!

  7. keeperbay
    Member
    Posted 1 year ago #

    COMPLETE AND SUDDEN STOP!
    Either I have blocked all the IPs in their arsenal or that little trick worked!

    Now a follow-up question, I have several domains on that hosting, any way to limit that trick to just one domain? The other domains are test domains and other people log in to those from time to time.

    Thanks.

  8. esmi
    Forum Moderator
    Posted 1 year ago #

    Are all of the domains on the server using their own folders?

  9. keeperbay
    Member
    Posted 1 year ago #

    Yes.

  10. esmi
    Forum Moderator
    Posted 1 year ago #

    Then the .htaccess file in the root of one domain should not affect any of the others. In general, .htaccess files only affect their own folder and any sub (child) folders.

  11. keeperbay
    Member
    Posted 1 year ago #

    Ok, I thought that was working. What I found is that if I'm logged in when I upload the .htaccess, it keeps everyone else out. However, if I log out I can't get to the login screen.

    I think I'm doing it wrong. Should it look like this:
    [The 0's being my IP]

    # BEGIN WordPress
    <files wp-login.php>
    order allow,deny
    deny from all
    allow from 00.000.00.000
    </files>
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    ....... and so on.

    I'm not sure how much of the .htaccess is safe to post.

  12. keeperbay
    Member
    Posted 1 year ago #

    PS In the last 2 weeks I've been hit by 268 IPs trying to hack my site. It stopped while I was logged in and had that "order allow,deny" in the .htaccess, but whenever I needed to log in I had to upload a copy of the .htaccess without the "order allow,deny", log in, then upload a copy of the .htaccess with the "order allow,deny". As soon as that .htaccess comes down, I get 10 to 20 failed login attempts in just minutes.

    It works, but if I can do it right, I'd rather.

Topic Closed

This topic has been closed to new replies.
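
The lock-out described in posts 11 and 12 follows from how Apache evaluates `Order allow,deny`: Allow rules are checked first, then any matching Deny rejects the request, so `deny from all` also rejects the allowed address. The configuration below is an added example, not code from any poster in this thread; 203.0.113.10 is a placeholder documentation address standing in for the IP you log in from.

```apache
# Added example. 203.0.113.10 is a placeholder; replace it with your own IP.
#
# Keep this block ABOVE the "# BEGIN WordPress" line. WordPress rewrites
# everything between "# BEGIN WordPress" and "# END WordPress" when it
# regenerates permalinks, so rules placed inside that section can be lost.

# --- As posted in the thread (left commented out) ---
# With "allow,deny", Allow is evaluated first and Deny second, and a request
# that matches any Deny is rejected. "Deny from all" matches every client,
# so the Allow line can never take effect and everyone gets 403.
#
# <Files wp-login.php>
#     Order allow,deny
#     Deny from all
#     Allow from 203.0.113.10
# </Files>

# --- Apache 2.4 and later (mod_authz_core) ---
<IfModule mod_authz_core.c>
    <Files "wp-login.php">
        # Only the listed address may request wp-login.php.
        # Several addresses or CIDR ranges can be listed, space separated.
        Require ip 203.0.113.10
    </Files>
</IfModule>

# --- Apache 2.2 (no mod_authz_core) ---
<IfModule !mod_authz_core.c>
    <Files "wp-login.php">
        # With "deny,allow", Deny is evaluated first and Allow second;
        # a request that matches both is allowed.
        Order deny,allow
        Deny from all
        Allow from 203.0.113.10
    </Files>
</IfModule>
```

Both forms only work if the host permits these directives in .htaccess (`AllowOverride AuthConfig` for `Require`, `AllowOverride Limit` for `Order`/`Allow`/`Deny`). To verify, request wp-login.php from the allowed address and from any other connection: the first should load the form and the second should return 403.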
