WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] My blog keeps getting attacked (22 posts)

  1. Florence
    Member
    Posted 2 years ago #

    So I run a cute and girly cooking blog. It's not very big, has very few users and it is intended for me and my girlfriends to post our favorite recipes.

    The past 2 days WordPress Firewall 2 has been very busy with blocking potential attacks. I keep getting notifications in waves, every 15 minutes, 20 at a time. It's the same IP address every time.

    So what do I do? Will they be able to get in? How long will they keep this up? And WHY would they want to hack my website?

    Is there anyone with experience with this?

  2. Florence
    Member
    Posted 2 years ago #

    Oh and another thing. Ever since the attacks started, Google Chrome won't open my website anymore. Internet Explorer and Safari will open it.

    Geez who are these people?!

  3. Check your site on http://sitecheck.sucuri.net/scanner/ to make sure you don't have any malware first.

    Then ask your host for help as they may be able to block things from their end.

  4. Florence
    Member
    Posted 2 years ago #

    Thanks Ipstenu! I didn't know about that website, very handy! Appearently my blog is clean. I wonder why Google Chrome doesn't open it any more. It still shows up in Google search engine...

  5. If it's the URL in your profile, it opened fine for me in Chrome.

  6. Florence
    Member
    Posted 2 years ago #

    Strange... it's http://www.cookingblondes.nl/
    Geez they just tried again. 2 waves of 20 within 5 minutes. They must really want to get in :s

  7. Florence
    Member
    Posted 2 years ago #

    Oh I think it had something to do with cookies. I deleted all cooking from the Cooking Blondes site and now it works again. But these hackers are still bugging me... I guess there's not much I can do?

  8. Tell your webhost. They may be able to help. There's server-side stuff you can do, but you may not have access to your firewall on the server.

  9. Florence
    Member
    Posted 2 years ago #

    Ok I'll send them an email. Thank you for the help!

  10. demlasjr
    Member
    Posted 2 years ago #

    Hi Florence. Your website is opening pretty good for me. However, to avoid the downtime, the attacks and the slow opening pages, I suggest you using Cloudflare too. It's free and easy to configure. They will block any attack and you have enjoying the free CDN too :)

    I can guide and help you if you need. I would be happy. Just let me know.

  11. Florence
    Member
    Posted 2 years ago #

    Yeah um... So someone suggested the WP-ban plugin, since it was the same IP adress every time. I copied the adress from the emails I got from WordPress Firewall 2, pasted it into the WP-ban and....

    ...I managed to ban myself...

    How strange that the offending IP adress was me! I have to wait until tomorrow, so I can get onto another machine and unban my IP adress. I can't install Cloudflare until then. Is it realy that slow? Thanks for the feedback :)

  12. I am laughing because I've been in IT for yonks and I've done this to myself SO many times.

    Can you get in via FTP to your domain? If so, just go in and delete the wp-ban folder from your wp-content/plugins directory.

    THEN go into WordPress Firewall 2 and add that IP as a whitelisted IP.

  13. Florence
    Member
    Posted 2 years ago #

    I logged in with a smartphone and unbanned myself. Yeah, good idea, whitelist myself :) Gosh, I'm so confused...

  14. demlasjr
    Member
    Posted 2 years ago #

    Ipstenu...you don't really need to delete it, if you rename it will work too :)

    @Florence: Cloudflare is more related to your domain registrar than your wordpress :) You can leave that IP unblocked...or block it in Cloudflare panel too.

  15. demlasjr
    Member
    Posted 2 years ago #

    One more thing Florence:

    - Cache your content
    - Minify your javascript, css and html

    This will make your website 10x faster. Isn't so slow, but isn't enough to get you far away :)

    Also...try a more attractive theme ;)

  16. True you don't need to delete it, but IMO you don't need it at all (banning by IP is ineffective).

  17. demlasjr
    Member
    Posted 2 years ago #

    Yeah...banning by ip is just makes the user unable to access your page, but not the server...

  18. That and a REAL hacker/attacker will just switch IPs :/

  19. Florence
    Member
    Posted 2 years ago #

    That leaves one question.. Why would the firewall say I'm a hacker?

  20. Are you at your office or at home?

    If you're at work, sometimes office firewalls are weird and send out extra data to sites, causing them to think innocent connections are actually hackers.

  21. Florence
    Member
    Posted 2 years ago #

    No I'm at home

  22. demlasjr
    Member
    Posted 2 years ago #

    If that "firewall" is a plugin....DELETE and problem fixed. A firewall plugin will not helping you at all.

Topic Closed

This topic has been closed to new replies.

About this Topic