Ninja Firewall create a DOS attack to WordPress
-
My friend had a web site using Full AFW mode ninja firewall 3.4.1
2 days ago, my friend found a DDOS attack, but soon he figure out the DDOS attack is from every visitor to his site.
Finally he try to disable plugin one bye one, and the attack stopped after he disable Ninja Firewall.The attack is a 404 attack and will create a request to /search/ with random number like this.
1.169.0.0 – BYPASS [29/Jan/2017:23:31:06 +0800] example.com “GET /search/1485703867158 HTTP/1.1” 403 189 “https://example.com/xcom2/” “Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36”The frequency of the attack from each user is about 3 attacks in 2 seconds, and the mysql stop response very soon.
Is there any chance some hackers hacked Ninja Firewall to let it attack?
-
It shows that your server returned a 403 Forbidden response with 189 bytes.
NinjaFirewall should not block a request such as “GET /search/1485703867158”.-Do you have the firewall log showing the incident?
-Is there any other security plugin installed?
The topic ‘Ninja Firewall create a DOS attack to WordPress’ is closed to new replies.
