Site hack attempts and BPS Security

bowlandwalks
(@bowlandwalks)

11 years, 4 months ago

Over the last couple of days it appears that people from all around the world are trying to log into my site. They are getting blocked after two failed attempts but literally the minute after the block finishes (after an hour) someone else tries and it blocks the account again.
Does anyone else get this?

I’ve had my site hacked once before and had to spend hours putting it right, so this is concerning me a bit. Or should I not be worried? Here are some more IP’s.

72.233.127.179
107.191.108.111
162.13.121.139
50.57.43.122
96.30.56.139
217.146.69.13
69.25.136.98 (blocked twice)
31.13.217.228 (blocked twice)
82.113.137.247
217.115.202.70
174.142.208.218
178.33.186.8
89.187.135.30
81.169.201.30
54.186.10.19

Thanks.

Viewing 12 replies - 1 through 12 (of 12 total)

Thread Starter bowlandwalks
(@bowlandwalks)

11 years, 4 months ago

Site is http://www.bowlandwalks.co.uk

kathtam
(@kathtam)

11 years, 4 months ago

I have this same problem. I removed wp-login.php to try and stop them. But they keep coming.

Thread Starter bowlandwalks
(@bowlandwalks)

11 years, 4 months ago

It’s an absolute nightmare isn’t it. I am trying to figure out if it’s bots and harmless, or whether I am literally being bombarded by hackers.

kathtam
(@kathtam)

11 years, 4 months ago

I have had it before. It’s bots but am sure it is some low life trying to show how clever they are.

Thread Starter bowlandwalks
(@bowlandwalks)

11 years, 4 months ago

Yeah probably. Latest one just in:

Status: Locked

Role: administrator

Lockout Time: 14/01/2015 7:03 pm

Lockout Time Expires: 14/01/2015 8:03 pm

User IP Address: 87.106.143.176

User Hostname: gamma.lambda-systems.de

Request URI: /wp-login.php

Site: http://www.bowlandwalks.co.uk

kathtam
(@kathtam)

11 years, 4 months ago

Still a problem?

Thread Starter bowlandwalks
(@bowlandwalks)

11 years, 4 months ago

Hey,

Yeah, here’s last night’s hacks.

Thread Starter bowlandwalks
(@bowlandwalks)

11 years, 4 months ago

Oops, link.

kathtam
(@kathtam)

11 years, 4 months ago

Why don’t you try deleting the wp-login.php file. It has worked with three other sites I have. And when I want to update I copy it back, update and delete again.

However that doesn’t work with every site. They seem to be able to get behind that file and keep their evil probe going.

I managed to “fix” three in this way and am left with a problem with just one.

leejosepho
(@leejosepho)

11 years, 4 months ago

The solution for all of this will ultimately be found in getting out in front of WordPress and culling the undesirable access attempts that do not originate from a link at the site. I have yet to accomplish that completely, but I am still working at trying to learn how to do so. At the moment, I am using just one instance of the stand-alone Pro+ version of https://wordpress.org/plugins/ninjafirewall/ out ahead my sites, and that is greatly reducing undesirable traffic. However, I have yet to learn how to customize it to let certain things on through like I would assume the plugin can do at a single site.

Another plugin that gets out ahead of WordPress is WP Simple Firewall, but I believe there are others also and I have yet to look beyond Ninja.

https://wordpress.org/plugins/search.php?q=wp+simple+firewall

Thread Starter bowlandwalks
(@bowlandwalks)

11 years, 3 months ago

Sorry for the delay in replying, I’ve been out in the countryside with no signal on my phone. When I finally got a signal back my phone went mad, pinging me emails for all the new hacking attempts!

Thanks both for the replies, I am going to try them now.

kathtam
(@kathtam)

11 years, 3 months ago

The bot has lost interest in my site. No more alerts. Did you get any closer to a solution?

Viewing 12 replies - 1 through 12 (of 12 total)

The topic ‘Site hack attempts and BPS Security’ is closed to new replies.

Site hack attempts and BPS Security

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics