• In the last 6 hours my site has detected nearly 300 failed login attempts [limit login attempts plugin].

    I have WP-Ban and I have banned all the IPs but it’s never ending! I can’t block them fast enough.

    Is there a way to move my login page?
    Or can I just remove the wp-login.php until the next time I want to log in, but still remain logged in? And if I remove the wp-login.php will it still keep others from logging in?

    I need more than just backing up my database and changing my password, I need to move the login or something drastic.

    What kind of crazy attack is this?

Viewing 11 replies - 1 through 11 (of 11 total)
  • Thread Starter keeperbay

    (@keeperbay)

    This is STILL the Brute Force Attack?
    I thought that was over?
    Good grief. Thanks.

    You could try adding:

    <files wp-login.php>
    order allow,deny
    deny from all
    allow from 127.0.0.1
    </files>

    to the top of your root .htaccess file – replacing 127.0.0.1 with the IP address that you normally log in from.

    Thread Starter keeperbay

    (@keeperbay)

    Umm, that doesn’t tell me how to move the Login Page tho.
    My hosting company can’t control the attack, I can still login, I want to move my login.

    Thread Starter keeperbay

    (@keeperbay)

    esmi, cross posted.
    Thank you, that will work!

    Thread Starter keeperbay

    (@keeperbay)

    COMPLETE AND SUDDEN STOP!
    Either I have blocked all the IPs in their arsenal or that little trick worked!

    Now a follow-up question: I have several domains on that hosting, any way to limit that trick to just one domain? The other domains are test domains and other people log in to those from time to time.

    Thanks.

    Are all of the domains on the server using their own folders?

    Thread Starter keeperbay

    (@keeperbay)

    Yes.

    Then the .htaccess file in the root of one domain should not affect any of the others. In general, .htaccess files only affect their own folder and any sub (child) folders.

    Thread Starter keeperbay

    (@keeperbay)

    Ok, I thought that was working. What I found is that if I’m logged in when I upload the .htaccess, it keeps everyone else out. However, if I log out I can’t get to the login screen.

    I think I’m doing it wrong. Should it look like this:
    [The 0’s being my IP]

    # BEGIN WordPress
    <files wp-login.php>
    order allow,deny
    deny from all
    allow from 00.000.00.000
    </files>
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    ……. and so on.

    I’m not sure how much of the .htaccess is safe to post.

    Thread Starter keeperbay

    (@keeperbay)

    PS In the last 2 weeks I’ve been hit by 268 IPs trying to hack my site. It stopped while I was logged in and that “order allow,deny” was in the .htaccess, but whenever I needed to log in I had to upload a copy of the .htaccess without the “order allow,deny”, log in, then upload a copy of the .htaccess with the “order allow,deny”. As soon as that .htaccess comes down, I get 10 to 20 failed login attempts in just minutes.

    It works, but if I can do it right, I’d rather.
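
The lockout reported in the last posts follows from how Apache 2.2 evaluates `Order allow,deny`. The block below is an added example, not written by anyone in the thread, showing the snippet as posted beside a corrected form for Apache 2.2 and 2.4. The address 203.0.113.10 is a constructed placeholder.

```apache
# Added example, not part of the thread. 203.0.113.10 is a placeholder
# (documentation range); replace it with the address you log in from.
# Place this above "# BEGIN WordPress": WordPress rewrites everything
# between its BEGIN/END markers when it regenerates the rewrite rules.

# As posted in the thread (Apache 2.2 syntax). With "Order allow,deny"
# a request must match an Allow and must NOT match any Deny, so
# "Deny from all" rejects every client, including the allowed address:
#
#   <Files wp-login.php>
#   Order allow,deny
#   Deny from all
#   Allow from 203.0.113.10
#   </Files>

# Corrected, Apache 2.4 (mod_authz_core): only the listed address passes.
<IfModule mod_authz_core.c>
    <Files "wp-login.php">
        Require ip 203.0.113.10
    </Files>
</IfModule>

# Corrected, Apache 2.2: with "Order deny,allow" the Deny rules are
# evaluated first and a matching Allow overrides them.
<IfModule !mod_authz_core.c>
    <Files "wp-login.php">
        Order deny,allow
        Deny from all
        Allow from 203.0.113.10
    </Files>
</IfModule>
```

The allowed address must be the public IP the server sees for your connection; if your provider changes it, the rule has to be updated before you can reach the login page again.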

  • The topic ‘How do I stop the attack? Or at least better protect my site.’ is closed to new replies.