
Someone trying to hack my site!

Discussion in 'Black Hat SEO' started by deepblack, Jul 11, 2014.

  1. deepblack

    deepblack Regular Member

    Can someone please tell me what to do?

    Wordfence has been telling me for the last 2 hours that a user with hostname mx.eureka.sg is trying to log in to my WP site. The exact IP is also given.

    What can I do now?
     
  2. Godziwa

    Godziwa Regular Member

    If you are using WordPress, download something called Login LockDown.
     
  3. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Premium Member

    You can use Wordfence to block the IP or add these plugins and the problem will be fixed:

    http://wordpress.org/plugins/stealth-login-page/
    http://wordpress.org/plugins/rename-wp-login/

    Also, Cloudflare blocks a lot of bad bots, etc.
    http://wordpress.org/plugins/cloudflare/
     
  4. Zevoltai

    Zevoltai Jr. VIP Jr. VIP Premium Member

    My solution to this was to redirect to goatse after 5 failed logins
     
  5. Ripster

    Ripster Registered Member

    There are many security plugins and methods that you can use to secure your WordPress blog. Also make sure that all of your plugins and software are up to date.
     
  6. Godziwa

    Godziwa Regular Member

    OMG WHY!?? I searched for what a goatse was and the pictures were not amusing to look at.
     
  7. Oukast

    Oukast Senior Member

    The hell do you mean "why"? You'd rather let them pound on your login page?
     
  8. Zevoltai

    Zevoltai Jr. VIP Jr. VIP Premium Member

    It definitely stopped the Russian guy that was trying to guess my admin password for a week straight.
     
  9. spmcnerd

    spmcnerd Regular Member

    Configure Wordfence options.
     
  10. hookzinder

    hookzinder Newbie

    You need a security plugin; there are many, both free and paid, for WordPress. Implement one of them and you should be fine.
     
  11. V

    V Elite Member

    Rename your wp-login.php file to something like wp-login.xxx using a file manager or FTP, and rename it back to the original name only when you log in. I was getting a lot of similar attacks on my site (I have Wordfence and Login LockDown) and it was annoying, plus someone hacked my site once and logged into it. So I made sure that even if he hacks my WP site, he won't be able to log in. Also, I have enabled email notification when someone logs into my site. ;)
    Hope it helps. :)
     
  12. Automation247

    Automation247 Regular Member

    Welcome to Wordpress!

     
  13. Nicheblogger

    Nicheblogger Regular Member

    Mom: What did you learn in school today?

    liljohnny: O jee whiz mom, I learned all sorts of stuff, like what a goatse is and why I shouldn't try to brute force attack a blog unless I am prepared to look at a spread asshole.
     
  14. zenlagor

    zenlagor Regular Member

    Use .htaccess to only allow from your IP for the admin area.
     
  15. tnhomestead

    tnhomestead Regular Member

    Go get HC Custom Wp-Admin, it lets you change your WordPress login for the admin to something only you know. It's hard to hack into a site when you don't have the login address! LOL Never use nulled themes or plugins, lots of them are hacked. I do l2 invalid logins and block the IP for 96 hours + custom HC. No one has ever found the login name to use. Don't use admin or administration for a user name. Always make something up! Then they have to guess 2 words, not 1! Also don't use your admin name to post articles with; set up a separate login, that way they can't guess your admin username -- hope these suggestions help!
     
  16. maecenas23

    maecenas23 Jr. VIP Jr. VIP Premium Member

    There is some very good advice (and some funny advice) here.
    I am using iThemes WordPress Security (the former WordPress Better Security) and if you set all things correctly, you shouldn't have many issues. The bots try, they get banned, try again, they get banned, and so on.

    The plugin will also help you to change the database name, user name and other things which are usually used to break the security of the WP.
    Also, make sure you don't use any theme which was updated 4 years ago.
     
  17. InsanelySane

    InsanelySane Power Member

    Limit Login Attempts plugin, set it to 2 tries.

    Change username if it's admin.
     
  18. koolkake

    koolkake Regular Member

    He is likely using a run of the mill bruteforcer. Make sure your password is extremely strong and passes password complexity tests. It's probably an auto mass program. He will go to a new site and won't waste time with yours. Prolly just guessed a few default passwords and moved on.
     
  19. natsirtdm

    natsirtdm Junior Member

    I've always found renaming the admin account to be a great deterrent - as long as you use a plugin for custom author names or something it works very well.
     
  20. Zombie Pop

    Zombie Pop Jr. VIP Jr. VIP Premium Member

    This is a super easy fix, don't freak. If you ever run your own server, you will find that people try to brute force more than just ACPs. I used to get all kinds of brute force attempts before I locked down everything in WHM. It's just part of the game, I wouldn't take it personally.

    Be sure to move your admin login to a new directory or slug (whatever you prefer to call it). Always use REALLY strong passwords, no matter what it is. SQL, ACP, email, EVERYTHING.