
security plugins for wordpress? my blog is under attack!

Discussion in 'Black Hat SEO' started by tony20, Dec 1, 2013.

  1. tony20

    tony20 Power Member

    Joined:
    Nov 22, 2008
    Messages:
    725
    Likes Received:
    41
    Gender:
    Male
    Occupation:
    Making mo moneyyyy
    Location:
    Scotland the Brave!!
    hi guys

    what are the best security plugins for a wordpress site?

    is there a good all rounder?

    I have just looked at my stats and I seem to be having a ton of one page views on internal pages! could this be a brute force attack?

    The stats say it's no "referral link", which means it's a type in or bookmark. but my site is only a couple months old and doesn't get that much traffic. but now I am getting a really bad bounce rate!

    582 unique - 826 page views and 51 returning visitors. << 12 hours so far.

    usually it's:

    610 unique - 1,190 page views and 21 returning visitors. (my stats a couple of days ago) << and that's a 24 hour period.

    I have not done anything to get these visitors, no social traffic or anything. seems to be bots or some kind of attack. just one page views on random inner pages.

    anyone know what is happening?

    thanks
     
  2. laowai

    laowai Power Member

    Joined:
    Feb 27, 2011
    Messages:
    522
    Likes Received:
    184
    Which stats are you using? It could be just some of the many search engine crawlers which are not detected by your stats. If it's not an SE crawler it could be a scraper bot harvesting your site. In any case it's not a brute force attack, as it's accessing your internal pages, not your login page. If all calls are coming from the same IP you can block the IP by using an .htaccess file. In any case, don't panic as it doesn't sound too serious.

    When it comes to security plugins, check out the Wordfence and BulletProof Security plugins.
     
    • Thanks Thanks x 1
    Last edited: Dec 1, 2013
  3. tony20

    I'm using statcounter.com mate.

    they are all random IP addresses, different countries.
     
  4. laowai

    Ok, then it's not any SE crawlers for sure. Most likely some bot then, and if you get only single hits per page then it could be some scraper. There is not too much that you can do, as you cannot block the requests by IP. You could always check if the user agent is the same and block by that, but it could also block natural users. Anyway, as long as it's just random hits to your internal pages it shouldn't hurt you other than by consuming your bandwidth and affecting your bounce rate like you said, which is not that relevant. Most likely things will get back to normal soon, as there is no benefit to anyone in just continuing to call your internal pages. It could of course be some kind of scanning of your site for vulnerabilities like SQL injection, but again there is not too much that you can do against that.
     
    • Thanks Thanks x 1
  5. tony20

    thanks mate. i'll install those two plugins. cheers
     
  6. tony20

    My site is a picture site and I have recently seen a big jump in bandwidth usage on my Amazon S3 account.

    In fact, up to now I have not been charged anything for their service (it's free up to so many GBs of transfer) but for the month of November I have paid over $10. I know it's only a small amount but it could get worse! I am beginning to wonder if someone is hotlinking my images? Do you think that's what these no referrer visits are? my traffic and page views are staying the same (apart from these ghost visits) but the bandwidth is going up?

    Many thanks
     
  7. tony20

    176 views and only one reply? lol anyone else?
     
  8. tony_d

    tony_d Elite Member

    Joined:
    Jun 22, 2013
    Messages:
    2,581
    Likes Received:
    3,163
    Location:
    1600 Amphitheatre Parkway, Mountain View CA
    This seems the most likely explanation. It's possible to block direct linking to images, unless it comes from an internal referrer (eg, your gallery page) - not sure how to do it, but it annoys me when I'm trying to hotlink and it's blocked :p
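
Added example, not part of any post in this thread: a log triage that separates the three explanations raised above (login brute force, a bot fetching internal pages with no referrer, and images embedded on other sites). It assumes an access log in Apache/nginx combined format that covers both page and image requests; the sample lines, the host name `myblog.example` and the function name `triage` are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed sample lines in Apache/nginx "combined" log format (not from the thread).
SAMPLE_LOG = """\
203.0.113.5 - - [01/Dec/2013:10:00:01 +0000] "GET /gallery/cats/ HTTP/1.1" 200 5120 "-" "ExampleBot/1.0"
198.51.100.7 - - [01/Dec/2013:10:00:04 +0000] "GET /gallery/dogs/ HTTP/1.1" 200 4988 "-" "ExampleBot/1.0"
192.0.2.44 - - [01/Dec/2013:10:00:09 +0000] "GET /2013/11/sunset/ HTTP/1.1" 200 6001 "-" "ExampleBot/1.0"
192.0.2.10 - - [01/Dec/2013:10:01:00 +0000] "GET /img/sunset.jpg HTTP/1.1" 200 812345 "http://other-site.example/post" "Mozilla/5.0"
192.0.2.11 - - [01/Dec/2013:10:01:05 +0000] "GET /img/sunset.jpg HTTP/1.1" 200 812345 "http://myblog.example/2013/11/sunset/" "Mozilla/5.0"
192.0.2.12 - - [01/Dec/2013:10:02:00 +0000] "POST /wp-login.php HTTP/1.1" 200 1500 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"')
IMAGE_EXT = (".jpg", ".jpeg", ".png", ".gif")

def triage(log_text, own_host):
    """Sort hits into the three explanations raised in the thread."""
    out = {"login_posts": 0, "noref_pages": 0, "noref_ips": set(),
           "noref_agents": Counter(), "hotlink_bytes": Counter()}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        path = m["path"].split("?", 1)[0].lower()
        ref_host = urlparse(m["ref"]).hostname  # None when the referrer is "-"
        if m["method"] == "POST" and path.endswith("/wp-login.php"):
            out["login_posts"] += 1            # brute force shows up here
        elif path.endswith(IMAGE_EXT):
            if ref_host and ref_host != own_host:
                size = 0 if m["size"] == "-" else int(m["size"])
                out["hotlink_bytes"][ref_host] += size  # image embedded elsewhere
        elif ref_host is None:
            out["noref_pages"] += 1            # the "ghost" single-page views
            out["noref_ips"].add(m["ip"])
            out["noref_agents"][m["ua"]] += 1
    return out

if __name__ == "__main__":
    r = triage(SAMPLE_LOG, "myblog.example")
    print("login POSTs:", r["login_posts"])
    print("no-referrer page hits:", r["noref_pages"], "from", len(r["noref_ips"]), "IPs")
    print("user agents on those hits:", r["noref_agents"].most_common(3))
    print("bytes served to external referrers:", dict(r["hotlink_bytes"]))
```

Many IPs sharing one user agent on the no-referrer hits points to a single bot, while a large byte count under one external referrer host points to hotlinking.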
     
  9. hamish11

    hamish11 Regular Member

    Joined:
    Oct 8, 2011
    Messages:
    285
    Likes Received:
    137
    Occupation:
    IT Project Manager
    Location:
    SoCal
    If you are looking for a plugin to help with security, I recommend Better WP Security, it is pretty robust.
     
  10. Spawnie

    Spawnie Power Member

    Joined:
    Feb 1, 2010
    Messages:
    716
    Likes Received:
    290