1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

hacker after my site.

Discussion in 'Blogging' started by asiabob, Sep 9, 2013.

  1. asiabob

    asiabob Newbie

    Joined:
    Aug 6, 2013
    Messages:
    9
    Likes Received:
    0
    Anyone else using wordpress getting hit by brute force attempts?
    I have over 350 ip's of the hacker, please see below for the current 50.
    Also please use limit "log in attempts" plug in. It will save you a ton of headaches!

    1.34.20.157
    101.109.251.179
    101.109.251.191
    101.109.251.192
    103.10.67.24
    103.31.186.100
    105.227.99.221
    105.239.206.37
    109.100.195.97
    109.200.175.145
    109.235.225.15
    109.237.127.172
    109.254.118.227
    109.86.194.116
    112.198.64.2
    115.126.173.102
    115.250.7.9
    117.103.93.234
    123.236.92.169
    130.255.216.59
    151.238.0.48
    151.238.29.21
    151.239.23.249
    151.240.115.88
    151.241.112.70
    151.241.86.250
    151.244.220.118
    151.245.18.63
    151.245.51.250
    151.246.152.62
    151.247.150.105
    151.247.162.37
    151.247.65.95
    151.250.101.8
    165.98.223.11
    176.73.227.109
    176.73.81.205
    177.192.212.227
    177.193.169.72
    177.228.131.222
    178.121.180.176
    178.165.39.75
    178.205.222.177
    178.209.152.77
    178.77.186.125
    178.91.81.176
    180.214.96.215
    181.112.0.233
    181.112.120.208
    181.112.32.244
     
  2. the_demon

    the_demon Jr. Executive VIP

    Joined:
    Nov 23, 2008
    Messages:
    3,177
    Likes Received:
    1,563
    Occupation:
    Search Engine Marketing
    Location:
    The Internet
    Your case is nothing special. Hackers hit up hundreds of thousands of blogs per day with brute force.
     
    • Thanks Thanks x 1
  3. bertbaby

    bertbaby Elite Member

    Joined:
    Apr 15, 2009
    Messages:
    2,019
    Likes Received:
    1,496
    Occupation:
    Product marketing
    Location:
    USA
    Home Page:
    Yep, I use security plugins that block after three attempts and I have reviewed my logs and blocked some of the more obvious offenders.

    Nothing personal, they do this all the time!
     
  4. HelloInsomnia

    HelloInsomnia Jr. Executive VIP Jr. VIP Premium Member

    Joined:
    Mar 1, 2009
    Messages:
    1,816
    Likes Received:
    2,911
    • Thanks Thanks x 2
  5. nichelinks

    nichelinks Junior Member

    Joined:
    Jan 11, 2013
    Messages:
    118
    Likes Received:
    37
    Occupation:
    SEO Analyst
    Location:
    IM
    This was an attack of unprecedented nature from a botnet operating on over 90,000+ IP addresses. Due to the nature of the attack, memory consumption on targeted servers has increased. In some cases this has resulted in degradation of performance, and unresponsive servers. This was due to a high volume of http requests which can cause some servers to start swapping memory to disk, and possibly run out of memory.
     
  6. auwal

    auwal Newbie

    Joined:
    Sep 6, 2013
    Messages:
    49
    Likes Received:
    5
    Occupation:
    Student, Secondly Online Freelancer.
    Location:
    Dhaka, Bangladesh.
    Friend I think there is nothing to be worry. These all are dynamic IP addresses specially provided by WiMax service providers. Ordinarily they provide dynamic IPs to their customers, if the customers didn't apply for an static IP address.

    Otherwise if you are sure about any of these IP, Then block them.

    Good Luck.
     
  7. royserpa

    royserpa Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 28, 2011
    Messages:
    4,645
    Likes Received:
    3,491
    Gender:
    Male
    Occupation:
    Negative Options aka Rebills!
    Location:
    Royserpa
    Home Page:
    Cool story OP. Just let the hacker hack your blog and then hire someone to get him outta there :D:D

    [/troll]
     
  8. mirajkadam

    mirajkadam Regular Member

    Joined:
    Jul 18, 2013
    Messages:
    245
    Likes Received:
    38
    Occupation:
    SEO
    Location:
    Mumbai
    Was ur blog fucked up?
     
  9. y2kh8r

    y2kh8r Junior Member

    Joined:
    Nov 9, 2008
    Messages:
    146
    Likes Received:
    84
    I found a pretty sweet fix, several of my blogs were getting the same kind of action, and because of the size of the botnet, simply banning IPs as they show up, well, it's useless- they can attack for days without hitting three attempts with one IP.

    There's a plugin called iq block country. You can literally block entire countries from accessing your backend, frontend, whatever. Just search for block country in your wordpress backend plugin area.

    I chose to block all but my own country from seeing the backend. Pretty easy once you get a rhythm down- there's a massive list, but go to the add countries area and press "A", then "enter" repeatedly until you run out of countries to add, then go through the entire alphabet this way. Then , do a CTRL+F, and make sure your country is not in that list. That last bit is ridiculously important.

    The other plugin I'm trying out is called "bruteprotect" and it blocks known bad IPs from your login page.

    Also, you can rename your login page, but don't forget what you named it to. There's a plugin for that as well.

    One last thing- get cloudflare if you can.
     
  10. metalfreek

    metalfreek Junior Member

    Joined:
    May 21, 2010
    Messages:
    139
    Likes Received:
    58
    The security plugin in each of my wordpress installation are

    1. Wordpress Firewall 2
    2. WordPress File Monitor Plus
    3. Better WP Security (also use for regular database backup)
     
  11. kindarthur

    kindarthur Jr. VIP Jr. VIP

    Joined:
    Nov 27, 2011
    Messages:
    2,212
    Likes Received:
    332
    Some security plugins that actively prevent against hacking attempts. Use free plugins like Better WP security and Bulletproof security.
     
  12. 7thAmigo

    7thAmigo Jr. VIP Jr. VIP

    Joined:
    Dec 4, 2011
    Messages:
    959
    Likes Received:
    63
    Location:
    Area 51
    You can also use a 3rd party firewall so that all your traffic is filtered and then directed to your site.
     
  13. nichelinks

    nichelinks Junior Member

    Joined:
    Jan 11, 2013
    Messages:
    118
    Likes Received:
    37
    Occupation:
    SEO Analyst
    Location:
    IM
    It's been a headace for long time. I was recommended by Bluehost to use "Captcha anti spam" wordpress plugin to tackle the brute force attack.