WordPress sites getting brute forced (wp-login.php)


Over the past few weeks we have seen an increasing number of distributed attacks against WordPress sites, targeting wp-login.php. These attacks come from such a distributed source that almost 400 different IPs try to attack the login file, and the purpose isn’t to actually gain access to your WP admin but to attack the server, causing it to shut down or become unresponsive.

After a bit of research, we highly recommend that all clients with WordPress sites install the Botnet Attack Blocker plugin and use the following settings in wp-admin/settings/botnet blocker:

Block after 1 failed login
Except from your IP addresses (whitelist). You can add multiple IPs separated by commas. If you need to find out what your IP is, you can always ask Google.

This will not only provide a more secure environment for your WP admin, it will also help us mitigate these attacks, as these failed logins will be blocked from your install.
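
Why a low lockout threshold matters against a distributed source, as an added example (not code from this post or from the plugin): the script counts POST requests to wp-login.php per source IP in a web server access log and reports how many attempts stay below a per-IP threshold. The combined log format, the sample lines, the IP addresses and the function names are constructed assumptions.

```python
import re
from collections import Counter

# Combined Log Format prefix: ip ident user [time] "METHOD path proto" status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+)[^"]*" (\d{3})')

def login_posts_by_ip(lines, allowlist=frozenset()):
    """Count POSTs to wp-login.php per source IP, skipping allowlisted IPs."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in the expected format
        ip, method, target, _status = m.groups()
        path = target.split("?", 1)[0]  # drop any query string
        if method == "POST" and path.endswith("/wp-login.php") and ip not in allowlist:
            counts[ip] += 1
    return counts

def summarize(counts, per_ip_threshold=5):
    """Compare what a per-IP threshold catches with the overall volume."""
    flagged = sorted(ip for ip, n in counts.items() if n >= per_ip_threshold)
    total = sum(counts.values())
    missed = sum(n for n in counts.values() if n < per_ip_threshold)
    return {"total_posts": total, "distinct_ips": len(counts),
            "ips_over_threshold": flagged, "posts_under_threshold": missed}

def _line(ip, method, path, status):
    # Helper that builds one constructed access log line.
    return f'{ip} - - [01/Jan/2024:00:00:00 +0000] "{method} {path} HTTP/1.1" {status} 512'

# Constructed sample: documentation-range IPs, not real traffic.
SAMPLE_LOG = (
    [_line(f"203.0.113.{i}", "POST", "/wp-login.php", 200) for i in range(1, 41)] * 2
    + [_line("198.51.100.7", "POST", "/wp-login.php", 200)] * 6
    + [_line("192.0.2.50", "POST", "/wp-login.php", 302)]  # site owner, allowlisted
    + [_line("203.0.113.1", "GET", "/wp-login.php", 200), "garbage line"]
)

if __name__ == "__main__":
    counts = login_posts_by_ip(SAMPLE_LOG, allowlist={"192.0.2.50"})
    print(summarize(counts, per_ip_threshold=5))  # one IP flagged, 80 posts missed
    print(summarize(counts, per_ip_threshold=1))  # every source IP flagged
```

With a threshold of 5, only the single noisy address is flagged while the 40 low-volume sources account for most of the requests; with a threshold of 1, every non-allowlisted source is flagged on its first attempt.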

As always, if you need help installing this, or have questions, feel free to open up a support ticket and we’ll assist you as much as we can 🙂
