Plugin Author
AITpro
(@aitpro)
Typically an “official” DDoS attack targets host servers and not individual websites. I am sure that all big brand name hosts have DDoS protection in place on their servers. BPS currently provides Brute Force Login attack protection that can be considered loosely DDoS protection due to the volume of POST login attacks during large scale Brute Force Login attacks on an individual website. We are currently still in the R&D phase of looking at individual website DDoS protection methods that could be useful that are not already being done by web hosts.
Thread Starter
Dave
(@deeve007)
Well here’s one tip: To be able to set a “time out” for being able to access the login/admin at all. I had a DDOS attack yesterday, someone trying to log into a site for hours. In the end I had to take my site down for half a day. If I could have denied access to everyone to the login and admin for 12 hours, or even longer, then that would have addressed the issue without affecting my site.
Plugin Author
AITpro
(@aitpro)
You can do something simple like allowing only your IP address access to your WordPress Login page in the link below permanently or temporarily IF you are the only person that logs into your site. ie you do not allow anyone else to register, login and post comments on your site.
http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/
We have several sites where we need for people to be able to register, login and post comments. So during larger scale brute force login attacks we have seen 1,000 login attempts per second for up to 3 days. During the attack the forum site loaded .1 seconds slower than normal. That was the only negative impact and everything else worked as usual – new user’s were successfully able to register, login and post comments. Basically we were aware that the attack was going on, but no one else was – business as usual. 😉
Plugin Author
AITpro
(@aitpro)
So that is why we are carefully researching adding anything else that addresses DDoS attacks in a different way since currently as far as Brute Force login attacks are concerned this is already being handled efficiently and successfully. It would be foolish to add something additional that actually caused a problem. ie causing excess resource load/usage or some other negative impact. What is more important at this point is getting folks to understand some basic things that are commonly misunderstood. Occaisonally we get asked how to prevent/stop Security Log entries from occurring/being logged because the person is under the impression that the blocked/logged attack is having some negative impact on their website instead of what is actually occurring, which is simply logging blocked attacks. BPS Security logging uses fwrite() to log events since fwrite() is the fastest method for successive writes. Impact/resource usage is insignificant even when logging 1,000’s of events in short periods of time.
Plugin Author
AITpro
(@aitpro)
And most importantly – all logging is done to plain text static files instead of using the WordPress DB/Queries. Queries are the most expensive operation for dynamic php site types so Queries should be used carefully and in the case of constant logging of events it would be very foolish/expensive to use the WP DB to handle any part of logging Security events. In addition, all log files are automatically zipped and emailed to you when they reach a certain size and are replaced with a new blank log file.
Plugin Author
AITpro
(@aitpro)
Assuming all questions have been answered – thread has been resolved. If you have additional questions about this specific thread topic then you can post them at any time. We still receive email notifications when threads have been resolved.
Thread Start Date: 6-8-2015 to 6-9-2015
Thread Resolved/Current Date: 6-10-2015
Comments: Adding any additional DDoS features in BPS is pending further R&D.
