Over 1,000 hits against wp-login.php yesterday?

  • jofoco4

    (@jofoco4)


    12 years, 3 months ago

    My webstats indicate my wp-login file had over 1,000 hits yesterday (maybe 1 belonged to me). Clearly, somebody wanted “in”, but it doesn’t look like (at least so far) that my files were compromised. I changed the password this morning, and have pretty good security at the domain level (at least I thought I had pretty good security!)

    The problem is, all my security and stats packages are watching the domain as a whole, not the underlying workings of WP.

    Is this sort of periodic barrage against a login file normal? And are there stats / security packages that work with/watch the WP functionality specifically? I’m concerned there’s activity specifically directed at WP that won’t be picked up by the guards at the domain gate.

    Thanks!

    John

Viewing 5 replies - 1 through 5 (of 5 total)
  • esmi

    (@esmi)

    12 years, 3 months ago

    Is this sort of periodic barrage against a login file normal?

    Unfortunately, this kind of thing does happen. It may have been some sort of modified dictionary attack. Have you reviewed Hardening_WordPress?

    Thread Starter jofoco4

    (@jofoco4)

    12 years, 3 months ago

    Thanks esmi. No, I haven’t.

    Your response is the kind of direction I was looking for. I appreciate your time and perspective!

    esmi

    (@esmi)

    12 years, 3 months ago

    It might also be worth having a word with your hosts in case they’ve noticed any attacks across their servers recently. These things do tend to come in waves. Once the hackers have exhausted any avenues, they move onto another provider.

    Thread Starter jofoco4

    (@jofoco4)

    12 years, 3 months ago

    I will do as you suggest.

    I should say that this activity is probably related to a larger series of attacks that I, and a number of WP users, have identified, originating (in part) from a user (so called) Ian Duggin, originating in Portland OR.

    If you (or any readers of this post) are interested, the thread is :
    http://www.google.com/support/forum/p/Google+Analytics/thread?tid=0129cc02d29a079b&hl=en

    Thanks again for your thoughts, esmi.

    John

    Thread Starter jofoco4

    (@jofoco4)

    12 years, 3 months ago

    Sorry about that cryptic link yesterday. I wasn’t thinking.

    If anyone has seen unusual activity related to “Ian Duggin” impacting their site, here’s a link to the Google Analytics support forum. From there, search on “Ian Duggin” for the thread about this activity impacting WP sites.

    Same domain as yesterday, it’s just more clearly a safe link.

    http://www.google.com/support/forum/p/Google+Analytics/?hl=en

    Best,

    John

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Over 1,000 hits against wp-login.php yesterday?’ is closed to new replies.