Understanding DoS tier bahavior

  • Heiko

    (@heikohaller)


    8 years, 6 months ago

    Hi,
    I am trying to understand, what exactly Login Security Solution does, when a brute-force attack reaches the DoS tier, and how this is triggered?

    “How many matching login failures should it take until the plugin stops delaying responses (to avoid a Denial of Service problem)?” sounds to me like the brute-force protection is dropped as soon as the attack continues long enough to place > 500 fails. However I can not believe that this is what you mean. If delaying is stopped, does any other protection come into place instead?

    Also, how are distributed attacs treated?
    The current attac against my WP uses many different IP adresses, most of them only once (as reported by LSS), the only common thing is the userneme. Does that mean, the attempts are not classified as matching?

    This Attac is carrying on since a couple of days now.
    Will protection be droped once 500 attempts are reached?

    Cheers – Heiko *concearned*

    https://wordpress.org/plugins/login-security-solution/

  • The topic ‘Understanding DoS tier bahavior’ is closed to new replies.