What URL are brute force attackers using? | WordPress.org

qlddrones
(@websupportguy)

9 years, 4 months ago

I’m using All In One WP Security plugin to protect my WordPress site and I’ve enabled almost every security feature it offers (some just don’t work reliably) but I’m still seeing at least 20 or so brute force login attempts each day. They use a variety of usernames and come from a wide variety of IP addresses so it’s hard to block them pre-emptively, although I try. I’ve even changed the WP-ADMIN.PHP to another location to deter them, but they keep coming.

My big question right now is how are they finding the WP login to attempt these brute force attacks? Have they found my re-named WP-ADMIN page? Or is there some other shortcut they can take to get to a user level login page? I don’t operate a member site and I don’t recall there being any pages where a login link is displayed. But maybe I’ve just forgotten?

Viewing 2 replies - 1 through 2 (of 2 total)

bdbrown
(@bdbrown)

9 years, 4 months ago

You might find this an interesting read: https://hackertarget.com/attacking-wordpress/

Thread Starter qlddrones
(@websupportguy)

9 years, 4 months ago

Thanks, that was an interesting read even if I didn’t understand a lot of it. I am running a Cloud VPS by the way, but would not know how to install OSSEC or configure it.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘What URL are brute force attackers using?’ is closed to new replies.

Tags

In: Fixing WordPress
2 replies
2 participants
Last reply from: qlddrones
Last activity: 9 years, 4 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics