Website hacking problem how to block admin access

9 replies
Okay, I have a website, sktthemes.net, and it keeps on coming under fire from hackers in Turkey.

Now how do I know?

Quite simple: my site is in WordPress and I have the Better WP Security plugin installed.

So it keeps on sending me emails about IPs getting locked due to too many login attempts.

IPs are: 78.160.130.138, 95.10.161.141 and so on, many, like 20 in a day.

If you trace those IPs, all come from Turkey.

My question is very simple. I need to know how to block all admin access for IPs other than Indian IPs, where we are, so that such kind of hacking attempts don't happen.

Sorry for such a long post/thread.
  • lepunk:
    You can try adding something like this to your .htaccess file

    Code:
    RewriteEngine On
    RewriteCond %{REMOTE_ADDR} !^93\.89\.95\.250$
    RewriteCond %{REQUEST_URI} (wp-admin)
    RewriteRule (.*) / [NC,QSA,L]
    Obviously replace the IP with your IP. Basically what the rule says: if the user's IP is not the one given and the URL contains "wp-admin", redirect the user to the main page.

    If you have a dynamic IP address you can do stuff like !^93\.89\.\d+\.\d+ to allow certain ranges.
  • RobinInTexas:
    Rather than sending the miscreant to another place on your site, or anywhere else for that matter, I prefer sending them back to themselves.

    Code:
    RewriteEngine On
    RewriteCond %{REMOTE_ADDR} !^93\.89\.95\.250$
    RewriteCond %{REQUEST_URI} wp-login\.php
    RewriteRule .* http://%{REMOTE_ADDR}/ [R=301,L]
    Signature:
    Robin
    ...Even if you're on the right track, you'll get run over if you just set there.
  • Nett:
    Here is the way to do it:
    Go to wp-login.php using FTP, add this line directly below <?php
    Code:
    if (isset($_GET['admincode']) && $_GET['admincode'] === '128364') {
    and add
    Code:
    }
    below
    Code:
    require( dirname(__FILE__) . '/wp-load.php' );
    So the top of the file should look like this:
    Code:
    <?php
    // Only bootstrap WordPress when the expected admincode is supplied
    if (isset($_GET['admincode']) && $_GET['admincode'] === '128364')
    {
    /**
     * WordPress User Page
     *
     * Handles authentication, registering, resetting passwords, forgot password,
     * and other user handling.
     *
     * @package WordPress
     */

    /** Make sure that the WordPress bootstrap has run before continuing. */
    require( dirname(__FILE__) . '/wp-load.php' );
    }
    To gain access to the login page, add ?admincode=128364 after the URL, so it will look like this:
    Code:
    http://yourwebsite.com/wp-login.php?admincode=128364
    What it does is that it blocks the server's access to wp-load.php if the admincode attribute is incorrect, therefore no login forms will be displayed. Of course you can change the code to something you like.
    Hope it helps!
  • MrLeN:
    Or, you could make the page only show up if your IP is detected:

    Code:
    $admin_ip = "123.456.789.123"; // placeholder, replace with your real IP
    if ($_SERVER["REMOTE_ADDR"] != $admin_ip ) {
      echo "get lost turkey head!";
      exit;
    }
    Just put that at the top of the template... will fix all problems in 1 second
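The four replies above all gate wp-login.php and wp-admin on the visitor's IP (or on a secret query parameter), either in .htaccess or by editing core files. The following is an added example, not code from any poster in this thread, that does the same IP allowlisting as a WordPress must-use plugin, so nothing in core is touched and an update cannot undo it. The ranges in ALLOWED_CIDRS and TRUSTED_PROXIES are constructed placeholders; login_init, admin_init, wp_doing_ajax(), status_header() and nocache_headers() are real WordPress hooks and functions. It assumes an IPv4 site whose web server reports the real client address in REMOTE_ADDR unless a listed proxy sits in front.

```php
<?php
/**
 * Plugin Name: Login IP allowlist (added example, not from the thread)
 * Save as wp-content/mu-plugins/login-ip-allowlist.php.
 * If you lock yourself out, delete the file over FTP.
 */

// Constructed sample ranges: replace with the CIDR blocks you log in from.
const ALLOWED_CIDRS   = ['203.0.113.0/24', '198.51.100.7/32'];
// Leave empty unless a reverse proxy/CDN sits in front of the site.
const TRUSTED_PROXIES = [];

/** True when dotted IPv4 $ip lies inside $cidr written as "a.b.c.d/n". */
function ipal_in_cidr(string $ip, string $cidr): bool {
    [$net, $bits] = array_pad(explode('/', $cidr, 2), 2, '32');
    $ipLong  = ip2long($ip);
    $netLong = ip2long($net);
    $bits    = (int) $bits;
    if ($ipLong === false || $netLong === false || $bits < 0 || $bits > 32) {
        return false; // malformed input never matches
    }
    $mask = $bits === 0 ? 0 : (~0 << (32 - $bits)) & 0xFFFFFFFF;
    return ($ipLong & $mask) === ($netLong & $mask);
}

function ipal_matches_any(string $ip, array $cidrs): bool {
    foreach ($cidrs as $cidr) {
        if (ipal_in_cidr($ip, $cidr)) {
            return true;
        }
    }
    return false;
}

/**
 * Resolve the client address. X-Forwarded-For is honoured only when the
 * direct peer is a trusted proxy; otherwise any visitor could set the header
 * to an allowed address and walk past the check.
 */
function ipal_client_ip(array $server): string {
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (!empty($server['HTTP_X_FORWARDED_FOR']) && ipal_matches_any($peer, TRUSTED_PROXIES)) {
        $chain = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR']));
        return end($chain); // rightmost entry was appended by our own proxy
    }
    return $peer;
}

function ipal_should_block(array $server): bool {
    return !ipal_matches_any(ipal_client_ip($server), ALLOWED_CIDRS);
}

function ipal_enforce(): void {
    if (ipal_should_block($_SERVER)) {
        status_header(403);
        nocache_headers();
        exit('Forbidden');
    }
}

// Guarded so the functions above can be included and unit-tested outside WordPress.
if (function_exists('add_action')) {
    // login_init runs before wp-login.php renders anything.
    add_action('login_init', 'ipal_enforce');
    // admin_init covers wp-admin/*; admin-ajax.php, admin-post.php and cron are
    // exempted because front-end features and scheduled tasks depend on them.
    add_action('admin_init', function (): void {
        if (wp_doing_ajax() || (defined('DOING_CRON') && DOING_CRON)) {
            return;
        }
        if (($GLOBALS['pagenow'] ?? '') === 'admin-post.php') {
            return;
        }
        ipal_enforce();
    });
}
```

Two caveats worth keeping in mind when choosing between this and the .htaccess answers: a rewrite rule stops the request at the web server before PHP and WordPress load, so it costs less per blocked request, while the plugin version is portable to nginx and other servers that ignore .htaccess. Either way the ISP-assigned range in ALLOWED_CIDRS must be wide enough to survive a dynamic IP change, and the 403 responses will still appear in the server log, which is the right place to watch for the lockout volume the original poster was seeing in email.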
  • RobinInTexas:
    BAD ADVICE

    Originally Posted by Nett:
    Here is the way to do it:
    Go to wp-login.php using FTP, add this line directly below
    x---------snip-------------x
    It's always a bad practice to edit WordPress core files for any reason.

    I would give you 2 suggestions; my preference would be to use the Wordfence plugin to guard against unwanted logins, as it gives you the ability to better control login attempts, including giving you the ability to immediately lock out an IP after the first attempt to log in with an invalid user name.
    In the alternative, you could deselect having Better WP Security send notifications that it is doing its job and locking the bad guys out.

    I have done the same with Wordfence; I don't feel the need to be reminded that miscreants are trying unsuccessfully to log in to my sites.
    Signature:
    Robin
    ...Even if you're on the right track, you'll get run over if you just set there.
  • lepunk:
    I can't believe that SQL injection is still something you have to worry about in 2013.
    PDO has been around for ages and everyone should use it.

    Why is this still a problem?
    - Some shared hosts don't have PDO compiled in, so script developers need to use mysql_* or mysqli instead
    - If you google "php mysql tutorial" this comes up: "PHP MySQL Insert Into". See the problem? Most people learn PHP and MySQL based on this (sigh)

    Thank god the mysql_* library will be completely deprecated in 5.5; hopefully the madness will end
  • MichaelLamb:
    This looks very interesting, definitely worth taking a look at the wp security part
  • MichaelLamb:
    This looks very interesting, definitely worth taking a look at the wp security part.

    Sorry, duplicated post.