Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
|
Many have businesses in both adult and mainstream. Come here to discuss your mainstream business, find new traffic opportunities, new programs to promote, and more! Whether you are in the FOREX, dating, gambling, gaming, herbal products, blogging, or any other mainstream business this forum will take your business to the next level! |
|
Thread Tools |
10-15-2015, 10:19 AM | #1 |
Confirmed User
Industry Role:
Join Date: Sep 2008
Posts: 292
|
High server load of wp-login bots
Hi
On my defiacted server I have the last days massive attacks of my wp-login.php, that I get a massive server load from 50 and more. I used plugins like wordfence which are IPs blocking which want to loginto the WordPress sites with wrong usernames. All user names are changed from admin to something else with strong passwords. I thought would fence with blocking IPS would help, but the server load is till high. So o tried a plugin which will move the wp.login.php to a name I like and puts out an error message on the old wp-login.php But the server load is still high. What can you suggest me? Would a .htaccess password protection help more instead of the plugin? Would be happy when someone can give me some tips. Greets |
10-25-2015, 10:43 AM | #2 |
Confirmed User
Industry Role:
Join Date: Apr 2008
Location: Phoenix
Posts: 142
|
Some tips you could try blocking..
from your firewall, htaccess, and webserver (this maybe too much hassle, I would stick with the first two options). |
10-25-2015, 02:13 PM | #3 |
Confirmed User
Industry Role:
Join Date: Jul 2014
Posts: 57
|
Try cloudflare wordpress plugin.
Cloudflare is very good for protect your site for Free. |
10-27-2015, 10:07 AM | #4 |
Confirmed User
Industry Role:
Join Date: Sep 2008
Posts: 292
|
Hi
thanks for the infos. At moment we tried it with the firewall on the server and the htaccess rules for the wp-admin, but now seems that all the attacks are going to the index.php and i have no idea why... And my server management team seems that they dont can solve that problem at moment. So does someone knows a good server management service and recoomend someone? Greets |
10-27-2015, 11:02 AM | #5 |
Confirmed User
Industry Role:
Join Date: Nov 2005
Posts: 2,539
|
There's some basic information here you can try:
1st things first: protect your wordpress install against brute force at the very basic level: Brute Force Attacks « WordPress Codex 2nd, unless you use it, just delete xmlrpc.php OR, restrict access to it (see point #1 above to see how to restrict access to specific files) 3rd, have your sysadmin add a tool such as fail2ban which will count failed access and just block them in a "jail" inside your server's linux firewall. And auto expire them. It will require some tweaking, but it's really effective. 4th, you can visit the Blocklist site below and download the IP lists of the reported bad ip's in a specific timeframe. These are IP's that were flagged and banned from various fail2ban installations and including everything from brute force wordpress attempts to bruteforce ssh attempts. http://www.blocklist.de/en/export.html There's certainly other options, but the above should give you a good starting point, and certainly should be something your sysadmin can implement for you. If not, get a new host.
__________________
NSFW |
10-27-2015, 11:30 AM | #6 |
Confirmed User
Industry Role:
Join Date: Sep 2008
Posts: 292
|
Hi Robwod,
thanks for your tips. 1. Against brute fore on wordpress i have installed Wordfence which blocks that attempts and also locked down the wp-login.php with a .htaccess. 2. xmlrpc.php has been blocked by my technicans on the whole server 3. fail2ban is already installed on the server, my technicans say. What i dont understand is, that i get now all attacks directly on the index.php of wordpress. Is there somewhere in WHM a possibility where i can see it more detailed which file they try to attack? So that i can block this more specific? Greets |
11-04-2015, 10:06 AM | #7 |
Registered User
Industry Role:
Join Date: Sep 2015
Posts: 66
|
Hello if you are still having problems consider changing your host.
We can definitely help you out at host4porn.com we have cheap dedicated servers for all needs. Contact me back if you are interested I’m sure you won’t have all those problems with us thanks to our 24/7 friendly support. Expedited Free Setup.
__________________
host4porn If its legal its allowed ServeYourSite Leading provider of adult shared hosting, vps and dedicated servers [email protected] [email protected] |
05-11-2016, 10:47 AM | #8 |
Registered User
Industry Role:
Join Date: May 2016
Posts: 15
|
Identifies the Ips and blocked in the htaccess. That worked for me.
|
05-13-2016, 02:51 AM | #9 |
Too lazy to set a custom title
Industry Role:
Join Date: Feb 2005
Posts: 17,173
|
It should be possible to block them via htaccess. You can also ask your host to do it for you.
|
05-14-2016, 12:10 AM | #10 |
So Fucking Banned
Industry Role:
Join Date: Jul 2015
Location: USA
Posts: 366
|
Where do you have your server ? Which host company ?
|
05-18-2016, 03:32 AM | #11 |
Confirmed User
Industry Role:
Join Date: Apr 2014
Posts: 38
|
Those brute force attacks can be filter through custom scripts for fail2ban. The ip will be blocked at firewall level so it won't hit again the server.
__________________
█ TempleNode.com █ Tube Script Hosting █ Server Management █ Email Us: [email protected] █ Skype: templenode |
05-19-2016, 11:56 PM | #12 |
Confirmed User
Industry Role:
Join Date: Oct 2013
Location: France
Posts: 226
|
This is how I solved the problem (I have wordfence installed aside too).
https://fr.wordpress.org/plugins/custom-login-url/ So I changed my login url to something like mysite.com/Imthefreakingboss and all problems solved as they will not find the url. And if they do you can just change it again...
__________________
email: [email protected] email me for link trades/hardlink exchanges ICQ : 665974711 my sites: http://hardcoreteenfuck.com |
06-13-2016, 09:42 AM | #13 |
Registered User
Industry Role:
Join Date: May 2016
Posts: 8
|
They're most likely attacking you because you're using a wordpress site. Try Hide My WP. It's a plugin to hide the fact that you're using wordpress.
__________________
Clark A | Web Developer |