[Ipg-smz] wordpress attack

VM Brasseur vmb at vmbrasseur.com
Fri Oct 26 15:47:47 UTC 2018 

Yes! I'm looking forward to paying for the upgrade soon. It's definitely worth it.

--V

> On 26 Oct 2018, at 08:35, Lynn Greiner <lists at itwriter.com> wrote:
> 
> My husband installed the free version too, and found it so useful he's now
> paying.
> 
> -----Original Message-----
> From: Ipg-smz <ipg-smz-bounces at netpress.org> On Behalf Of VM Brasseur
> Sent: Friday, October 26, 2018 11:15 AM
> To: ipg-smz at netpress.org
> Subject: Re: [Ipg-smz] wordpress attack
> 
> About a year ago I installed the Wordfence plugin on my sites:
> 
> https://www.wordfence.com/
> 
> So far I've only been using the free version and have been *very* happy with
> it. Not only does it automatically block a lot of stuff, I can also ban
> login attempts using certain usernames.
> 
> (using this in addition to Tom's suggestions should take care of most/all
> attacks)
> 
> --V
> 
>> On 26 Oct 2018, at 08:05, Tom Henderson <thenderson at extremelabs.com>
> wrote:
>> 
>> Greetings Guilders,
>> 
>> One of my honeypot sites has been under attack for a week. I've written
> this up, but it'll be a while before it sees the light of HTML.
>> 
>> Here's a quick warning for Wordpress users: don't use an administrator
> that has the word admin in its name. Over 400 different IPs have been using
> variations on that name, then a dictionary attack until the site times out
> in failures. Create an administrator user with a tough to guess name,
> peppered with characters. Then delete the admin user that's there by
> default. Once they start, they do not relent, and complaints to ISPs in Laos
> and Albania go unanswered-- two of eleven ISPs infected with this botnet.
>> 
>> Crawlers also look for the names of posters, and I suspect that an attack
> of individual $poster_name is next. It's methodical, and fun to watch.
>> 
>> Summary: no "admin" string in your administrative logon name; do not let
> that administrative user post anything so that its name is unknown to
> crawlers.
>> 
>> Tom
>> 
>> -- 
>> Tom Henderson
>> ExtremeLabs, Inc.
>> +1 317 250 4646
>> Twitter: @extremelabs
>> Skype: extremelabsinc
>> 
>> 
>> -- 
>> Ipg-smz mailing list
>> Ipg-smz at netpress.org
>> http://netpress.org/mailman/listinfo/ipg-smz_netpress.org
> 
> 
> -- 
> Ipg-smz mailing list
> Ipg-smz at netpress.org
> http://netpress.org/mailman/listinfo/ipg-smz_netpress.org
> 
> 
> -- 
> Ipg-smz mailing list
> Ipg-smz at netpress.org
> http://netpress.org/mailman/listinfo/ipg-smz_netpress.org

More information about the Ipg-smz mailing list