[Ipg-smz] wordpress attack
Lynn Greiner
lists at itwriter.com
Fri Oct 26 15:35:40 UTC 2018
My husband installed the free version too, and found it so useful he's now
paying.
-----Original Message-----
From: Ipg-smz <ipg-smz-bounces at netpress.org> On Behalf Of VM Brasseur
Sent: Friday, October 26, 2018 11:15 AM
To: ipg-smz at netpress.org
Subject: Re: [Ipg-smz] wordpress attack
About a year ago I installed the Wordfence plugin on my sites:
https://www.wordfence.com/
So far I've only been using the free version and have been *very* happy with
it. Not only does it automatically block a lot of stuff, I can also ban
login attempts using certain usernames.
(using this in addition to Tom's suggestions should take care of most/all
attacks)
--V
> On 26 Oct 2018, at 08:05, Tom Henderson <thenderson at extremelabs.com>
wrote:
>
> Greetings Guilders,
>
> One of my honeypot sites has been under attack for a week. I've written
this up, but it'll be a while before it sees the light of HTML.
>
> Here's a quick warning for Wordpress users: don't use an administrator
that has the word admin in its name. Over 400 different IPs have been using
variations on that name, then a dictionary attack until the site times out
in failures. Create an administrator user with a tough to guess name,
peppered with characters. Then delete the admin user that's there by
default. Once they start, they do not relent, and complaints to ISPs in Laos
and Albania go unanswered-- two of eleven ISPs infected with this botnet.
>
> Crawlers also look for the names of posters, and I suspect that an attack
of individual $poster_name is next. It's methodical, and fun to watch.
>
> Summary: no "admin" string in your administrative logon name; do not let
that administrative user post anything so that its name is unknown to
crawlers.
>
> Tom
>
> --
> Tom Henderson
> ExtremeLabs, Inc.
> +1 317 250 4646
> Twitter: @extremelabs
> Skype: extremelabsinc
>
>
> --
> Ipg-smz mailing list
> Ipg-smz at netpress.org
> http://netpress.org/mailman/listinfo/ipg-smz_netpress.org
--
Ipg-smz mailing list
Ipg-smz at netpress.org
http://netpress.org/mailman/listinfo/ipg-smz_netpress.org
More information about the Ipg-smz
mailing list