LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
Reload this Page Large WordPress distributed brute force attack underway
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 02-10-2014, 12:30 PM   #1
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Large WordPress distributed brute force attack underway

Large distributed brute force attack underway

looks to be massive.
If you don't have Wordfence (a product I do recommend) then use this in your .htaccess of apache|http conf file to keep knuckleheads out.

Code:
<Files wp-login.php>
order deny,allow
deny from all
allow from xx.yy.zz.aa             # Comment0
Allow from aaa.bbb.ccc.ddd        # Comment1
</Files>
multiple allow stanzas are ok.

If you use that in your apache|http conf file, be certain to restart your web-server software.

You'll see entries like these in your server logs:
Code:
[Mon Feb 10 07:30:21 2014] [error] [client 146.0.74.202] client denied by server configuration: /var/www/cirrhus9/wp-login.php
[Mon Feb 10 08:04:08 2014] [error] [client 146.0.78.9] client denied by server configuration: /var/www/cirrhus9/wp-login.php
after you implement this.
Last edited by Habitual; 02-10-2014 at 12:34 PM.
 
Old 02-11-2014, 02:52 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Thanks for the heads up but IMNSHO by now one should be marked as criminally negligent if they didn't shield their wp admin stuff already. That's just plain asking for trouble.
 
Old 02-11-2014, 05:40 PM   #3
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374

Original Poster
Blog Entries: 37

Rep: Reputation: Disabled
You're preaching to the choir Brother!

But I had to offer some solution, as someone in 10 years from now will do an IIGC and find "knucklehead" on this site.

Preach On!
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
DDoS and brute force attack romanepo Linux - Security 1 01-29-2014 05:50 AM
[SOLVED] Postfix/SMTPD brute force attack - what is it trying to do? ScottG Linux - Server 4 09-17-2013 04:48 PM
POP3 brute force attack help glyn3332 Linux - Security 2 10-13-2008 05:12 AM
brute-force-ssh-attack saavik Linux - Security 6 09-05-2008 01:01 AM
How did the NASA get hacked, was it just a brute force attack? abefroman Linux - Security 2 05-18-2005 05:33 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 08:10 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration