Title: Critical attack
Last modified: September 21, 2016

---

# Critical attack

 *  Resolved [eddyferns](https://wordpress.org/support/users/eddyferns/)
 * (@eddyferns)
 * [9 years, 8 months ago](https://wordpress.org/support/topic/critical-attack/)
 * I have received the below attack in the firewall log under critical:
 * Rule 1369 POST /index.php – WP: Download Manager remote command execution – [
   POST:execute = wp_insert_user]
 * Was the attack successful or a failure?

Viewing 4 replies - 1 through 4 (of 4 total)

 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [9 years, 8 months ago](https://wordpress.org/support/topic/critical-attack/#post-8206978)
 * The firewall blocked it, so there is no need to worry about it.
    Whatever you
   see in the log means it was blocked, unless stated otherwise.
 * Make sure you enabled the “NinjaFirewall > Updates > Check for updates hourly”
   option so that your rules are always up to date.
 *  Thread Starter [eddyferns](https://wordpress.org/support/users/eddyferns/)
 * (@eddyferns)
 * [9 years, 8 months ago](https://wordpress.org/support/topic/critical-attack/#post-8219273)
 * Thanks for the info.
 * As the IP of the attacker is mentioned, is it then possible to exactly identify
   the attacker using your pro or premium version?
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [9 years, 8 months ago](https://wordpress.org/support/topic/critical-attack/#post-8221439)
 * It would be a waste of time, I’m afraid. They use scripts/bots running from infected
   servers or computers, or connect over HTTP proxies. Even blocking the IP would
   not help much, because they will come back with another one. The most important
   is to reject it right away as did NinjaFirewall.
 *  Thread Starter [eddyferns](https://wordpress.org/support/users/eddyferns/)
 * (@eddyferns)
 * [9 years, 8 months ago](https://wordpress.org/support/topic/critical-attack/#post-8235796)
 * Thanks! So I’ll just let Ninja to do what it does.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Critical attack’ is closed to new replies.

 * ![](https://ps.w.org/ninjafirewall/assets/icon-256x256.png?rev=976137)
 * [NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall](https://wordpress.org/plugins/ninjafirewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ninjafirewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ninjafirewall/)
 * [Active Topics](https://wordpress.org/support/plugin/ninjafirewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ninjafirewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ninjafirewall/reviews/)

 * 4 replies
 * 2 participants
 * Last reply from: [eddyferns](https://wordpress.org/support/users/eddyferns/)
 * Last activity: [9 years, 8 months ago](https://wordpress.org/support/topic/critical-attack/#post-8235796)
 * Status: resolved