Do you have a WordPress blog?
-
Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC
A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most...
-
@masonwheeler said in Do you have a WordPress blog?:
A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most...
Thankfully:
- I lock out IPs for an hour after 2 failed logins, for 24 hours after 2 more failed logins.
- I ban offending IPs regularly.
- I use a strong generated password.
Phew.
-
Good rules. I have WordFence set up to aggressively ban bad login attempts. I also use, as the first line of defense, a secret login name that's not related to the visible byline that goes on my posts. If I ever see someone start guessing that in my failed login attempt reports, I know to worry. But when it's just the same old same old ("admin," different variations on my name, different variations on the site name) I'm just like, "meh. They won't get in, and they'll go pick on a softer target."
