1,000/Day Hacking My Site

24 replies
Do you think your WP Blog is secure? I had no idea what was happening behind the scenes until I installed WP Security. Every day, I get around 1,000 attempts to login with bogus user names.

I'm not sure WTF these hackers want. There's nothing in the site that they could use but I suppose this is going on all over the net.

Here's a shot of my log from yesterday, note there are 19 PAGES of this crap and I cleared the logs yesterday. This happens every day.

  • Profile picture of the author NickSway
    If you have a site of 10,000+ active members, this is actually pretty common as people forget their login information all of the time and will try usernames of other forums/sites they are a part of. Though if it's for a site with little to no members, it's definitely an interesting occurrence.
  • Profile picture of the author Daniel Gates
    This is nuts. But then again, this may create an opportunity for entrepreneurs to sell products to protect our blog :rolleyes:
    • Profile picture of the author robestrong
      Probably just 1 person scaling his efforts via more proxies and/or multiple accounts.
  • Profile picture of the author Alex Blades
    Might be a bot trying to get in to install a link, or malware. I think there are plugins that can have your login page on a custom url...
  • When you are online you are constantly under attack. I spend a lot of time online and my computer I am on, and my sites are always dealing with threats. And on top of that you get people trying to social engineer you over the phone, Skype, and email. It is relentless.

    Mostly it is kids. Eventually they grow up and get jobs as security professionals. If people spent their time on IM instead they would actually make money instead of just wasting their time.
  • Profile picture of the author Jeffery
    Bruce,

    Reality check for you sir.. most site owners are not professional webmasters. Professional webmasters secure a site 'before' it is live on the internet. Example: if it is a WordPress site simply create a custom .htaccess file. There are lots of tips about securing any type of site with .htaccess, i.e. wordpress, html, php.

    You may not have anything that you think people may find or want on your own site. You could be wrong.. there are ways to redirect your traffic to different sites, i.e. your visitors or just hits to different sites.

    Jeffery 100% :-)
  • Profile picture of the author hajro
    Install some captcha plugin, or change login location ex. wp-admin change to 2423jdsfk
  • Profile picture of the author Bruce Wedding
    Just installed the SI Captcha Anti Spam plugin. We'll see how it goes. I'd already installed Better WP Security plugin.
    • Profile picture of the author Cool Hand Luke
      [DELETED]
      • Profile picture of the author Bruce Wedding
        Originally Posted by Cool Hand Luke View Post

        Bruce, also make sure to install the Limit Login Attempts plugin if you haven't already. You can set it so that brute force login attempt attacks can't work. Depending on your settings, it will automatically lock IPs out of even accessing your login page after a certain amount of failed tries.
        Actually "Better WP Security" includes that feature, which I've implemented. I just tightened it up though to allow fewer attempts per user and host.
  • Profile picture of the author drewfioravanti
    I don't know how reliable this is, but it scans your website for malware.

    Sucuri SiteCheck - Free Website Malware Scanner
  • Profile picture of the author MartinPlatt
    That looks more like honest attempts to log in, rather than someone trying to brute force or dictionary attack your site....
    • Profile picture of the author KirkMcD
      Originally Posted by MartinPlatt View Post

      That looks more like honest attempts to log in, rather than someone trying to brute force or dictionary attack your site....
      Yeah, something else is going on. Those aren't hack attempts. They wouldn't be choosing random, real looking names like that and they would be trying with the same name much more than once.
      • Profile picture of the author onegoodman
        Originally Posted by KirkMcD View Post

        Yeah, something else is going on. Those aren't hack attempts. They wouldn't be choosing random, real looking names like that and they would be trying with the same name much more than once.
        I agree with KirkMcD, if it is a bot or a hacker trying to break through, would pick one username and try more often. I personally would go for admin / administrator lol
        • Profile picture of the author Bruce Wedding
          Originally Posted by onegoodman View Post

          I agree with KirkMcD, if it is a bot or a hacker trying to break through, would pick one username and try more often. I personally would go for admin / administrator lol
          You'd fail there because I NEVER use those
      • Profile picture of the author Bruce Wedding
        Originally Posted by KirkMcD View Post

        Yeah, something else is going on. Those aren't hack attempts. They wouldn't be choosing random, real looking names like that and they would be trying with the same name much more than once.
        This site has about 300 members and NONE of their names are showing up in that list and I'm not getting any complaint emails. I'm not sure what's going on but it's not my regular members. Look at the timing.
  • Profile picture of the author so11
    Hello,

    1000/day sounds like a pretty persistent attack.

    1. Make sure that all authentication related configurations are hardened.
    2. If you can, use IP lockout feature (3 attempts is more than enough).

    good luck
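The lockout settings discussed above (a few failed tries per host and per user) and the question of whether these are repeated guesses or single tries spread over many names and proxies can be checked against a failed-login log. The following is an added example, not code from any poster or plugin; the log format, the function names, the sample data and the `volume` alert level are assumptions made for illustration.

```python
from collections import Counter, defaultdict

def sample_log():
    # Constructed failed logins (epoch seconds, source IP, username); the IPs
    # are documentation ranges, nothing here comes from the poster's log.
    spread = [(1000 + 90 * i, f"198.51.100.{i + 1}", f"user{i:02d}") for i in range(12)]
    hammer = [(5000 + 10 * i, "203.0.113.7", "editor") for i in range(6)]
    return spread + hammer

def simulate_lockout(events, max_tries=3, window=900):
    """Lock a host or username after max_tries failures within `window` seconds."""
    recent, locked, blocked = defaultdict(list), set(), 0
    for ts, ip, user in sorted(events):
        keys = [("host", ip), ("user", user)]
        if any(k in locked for k in keys):
            blocked += 1          # request refused before reaching the login check
            continue
        for k in keys:
            recent[k] = [t for t in recent[k] if ts - t < window] + [ts]
            if len(recent[k]) >= max_tries:
                locked.add(k)
    return locked, blocked

def profile(events):
    """Shape of the failures: how many hosts and names, and the worst repeat."""
    hosts = Counter(ip for _, ip, _ in events)
    users = Counter(user for _, _, user in events)
    return {"attempts": len(events), "hosts": len(hosts), "usernames": len(users),
            "max_per_host": max(hosts.values()), "max_per_user": max(users.values())}

def classify(events, max_tries=3, volume=10):
    """`volume` is an assumed alert level for failures that never repeat a key."""
    p = profile(events)
    if max(p["max_per_host"], p["max_per_user"]) >= max_tries:
        return "repeated guessing: lockout applies"
    if p["attempts"] >= volume:
        return "spread out: lockout never triggers, alert on total volume"
    return "isolated failures"

if __name__ == "__main__":
    log = sample_log()
    spread = [e for e in log if e[1].startswith("198.51.100.")]
    print(simulate_lockout(spread), classify(spread))
    print(simulate_lockout(log), classify(log))
```

On the constructed data, the twelve single tries from twelve addresses never trip a per-host or per-user lock, while the one host repeating a single name is locked on its third failure.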
  • Profile picture of the author karlmay1980
    Will be a bot trying to put malware on no doubt, blogs are big targets for this type of thing. They can do quite a lot of damage if successful including getting you banned from the likes of Google.

    WordPress security is good business and it is one of the better cms platforms for security too!
  • Profile picture of the author Bruce Hearder
    Howz this for an idea to get back at the hackers/spammers trying to get into your website.

    Modify your WP signup/login form so that all login attempts to your site that are not real users, get sent to a page that looks like they have logged in (They are not actually logged in at all )

    On that page you can :
    1. Get them to click a FB like button to progress further. As soon as this is done, they are thrown to Google or some other website.

    2. Open an iFRAME and cookie stuff them so that you can make some affiliate commissions out of them..

    3. The possibilities are endless.. Let your mind run amok with ideas..

    Sneaky WP tricks is a good way to turn the tables on WP spammers and hackers..

    Hope this gives you a few ideas..

    Bruce
    • Profile picture of the author CyberAlien
      Originally Posted by Bruce Hearder View Post

      Howz this for an idea to get back at the hackers/spammers trying to get into your website.

      Modify your WP signup/login form so that all login attempts to your site that are not real users, get sent to a page that looks like they have logged in (They are not actually logged in at all )

      On that page you can :
      1. Get them to click a FB like button to progress further. As soon as this is done, they are thrown to Google or some other website.

      2. Open an iFRAME and cookie stuff them so that you can make some affiliate commissions out of them..

      3. The possibilities are endless.. Let your mind run amok with ideas..

      Sneaky WP tricks is a good way to turn the tables on WP spammers and hackers..

      Hope this gives you a few ideas..

      Bruce
      Most of the automated bots that I have trying to get in to my control panel are originating from China. After 2 failed login attempts I have it set to automatically redirect them here so they can deal with their own government lol: http://www.gov.cn/im-hacking-your-website-china
    • Profile picture of the author sonas
      Originally Posted by Bruce Hearder View Post

      Howz this for an idea to get back at the hackers/spammers trying to get into your website.

      Modify your WP signup/login form so that all login attempts to your site that are not real users, get sent to a page that looks like they have logged in (They are not actually logged in at all )

      On that page you can :
      1. Get them to click a FB like button to progress further. As soon as this is done, they are thrown to Google or some other website.

      2. Open an iFRAME and cookie stuff them so that you can make some affiliate commissions out of them..

      3. The possibilities are endless.. Let your mind run amok with ideas..

      Sneaky WP tricks is a good way to turn the tables on WP spammers and hackers..

      Hope this gives you a few ideas..

      Bruce
      Nice out of the box thinking! Offence is the best form of Defence as they say
  • Profile picture of the author rodneys
    This is most likely a bot. Where is the traffic originating from? See if securiilock.com can help.
  • Profile picture of the author John Romaine
    It's probably the security plugin that you've installed doing this, so you run around telling everyone how great it is at preventing unwanted hack attempts.

    Just like you've done here