Malicious Log-in attempts

  • Resolved ewball

    (@ewball)


    8 years, 7 months ago

    I am running JetPack and use the malicious log-in security feature in it. I also use WordFence which shows me the ip address of those iP addresses that have been blocked for multiple attempts to log-in and/or use of password recovery system.

    In the last 5 or 6 days I have experienced more than 100 blocked IP address that have made at least 10 attempts to log-in to my admin area. To date JetPack is showing more than 6,000 malicious log-in attempts.

    My site is hardly a high profile site and doesn’t have much traffic at this point. So why all the attempted log-in’s? Is there something technical about my site the could be attracting these attacks? Most of these current attacks are coming from Russia. It is clear that when one IP address gets blocked, the attackers switch to another. It concerns me that something is attracting them to my site. If that is the case I would like to do whatever to reduce this hassle.

    Any ideas of what could be going on? I would appreciate any ideas or insights.

    Thanks,
    Edgar Ball

    https://wordpress.org/plugins/jetpack/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Brandon Kraft

    (@kraftbj)

    Code Wrangler

    8 years, 7 months ago

    Honestly, they tend to simply try their attempt to get it without real regard if you’re a hot target or not. If you’re running outdated versions of WordPress or any plugin, using an outdated theme, etc, you’re more ripe of a target since they may have reverse engineered a security patch into an exploit.

    For what it’s worth, I’m at over 13,000 blocked attempts.

    If you’re concerned, you can also sign up for a service like VaultPress or Sucuri to scan your site for any known security vulnerabilities to ensure that there’s nothing outstanding that you’d want to resolve.

    Cheers!

    Thread Starter ewball

    (@ewball)

    8 years, 7 months ago

    Thanks for taking the time to respond. i should have read some of the past entries around this issue and realized that this is happening to everyone. It is very irritating. I’m not overly concerned. JetPack and WordFence seem to be doing a good job of blocking them. One of my sites was blasted last week and this week nothing is coming in regarding forced blocked IP address, meaning they did not go past the threshold of 10 attempts. Maybe I blocked enough whole networks to slow them down. I wish I could bill them for my time.

    Anyway, thanks again for your response. I appreciate it much.

    Edgar

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Malicious Log-in attempts’ is closed to new replies.