
WP failed login attempts - This guy will never give up !

Discussion in 'BlackHat Lounge' started by Zak_A, Apr 27, 2012.

  1. Zak_A

    Zak_A Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 16, 2008
    Messages:
    808
    Likes Received:
    873
    Gender:
    Male
    Occupation:
    WP designer & developer
    Location:
    Western Europe
    It seems like someone has been trying to log into one of my WP niche sites for months. It's actually a pretty crappy site, only one page to pre-sell a CPA offer, no SEO and no rankings at all (I used to drive traffic to it with TA, now it's just hanging there and gets like 2 hits a day).

    Anyway, there's a guy trying to log into wp-admin, every single day for more than 4 months.
    At first he was trying 3 times in a row, and then his IP was blocked for 24 hours. Then he would try again the next day with the same IP. Pretty ridiculous already.

    Then I added a plugin that locks your IP for 9999 hours after only one failed attempt. The attempts stopped for a few days, and now the guy is up to it again, one attempt per day with a different IP.

    Seriously, how ridiculous is this?
     
  2. necro

    necro Regular Member

    Joined:
    Dec 23, 2010
    Messages:
    292
    Likes Received:
    189
    Sounds like software to me :)
     
  3. Zak_A

    Yeah, sure this is automated (at least I hope so for him), but why would it hit my admin login page only once a day, every day for 4 months already? That's so ridiculous.

    If he was trying to bruteforce my password, why would he try once a day? He could try with as many threads as he has proxies, all at once.

    With one attempt a day we'll all be living underwater on Mars and kittens will rule the world before he gets a chance to find my password! :D
     
  4. necro

    That's true, it will take a shitload of them to get your password.

    I think he will do it like this: scrape 100k WP sites and try once a day.

    So he can easily get some results, but even then try to look at how often your wp-login.php gets called, because that's the real login script...
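Added example, not part of the thread: one way to check how often wp-login.php is hit and whether the failures follow the "one try a day from a new IP" pattern described above, which a per-IP lockout never triggers on. It assumes Apache/nginx combined-format access logs and treats a `POST /wp-login.php` answered with 200 as a failed login (WordPress redirects with 302 on success); the sample lines are constructed and use documentation IP ranges.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines (combined log format, documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.10 - - [20/Apr/2012:03:14:07 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
198.51.100.7 - - [21/Apr/2012:03:15:42 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
192.0.2.55 - - [22/Apr/2012:03:13:58 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
192.0.2.200 - - [22/Apr/2012:09:30:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.99 - - [23/Apr/2012:03:16:20 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
192.0.2.200 - - [23/Apr/2012:10:02:11 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# ip, timestamp, method, path, status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def failed_logins(log_text):
    """Yield (ip, date) for each POST to wp-login.php answered with 200."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        ip, ts, method, path, status = m.groups()
        if (method == "POST" and status == "200"
                and path.split("?")[0].endswith("/wp-login.php")):
            yield ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z").date()

def summarize(log_text, min_days=3, max_per_day=2):
    """Count failures per day and per IP; flag slow attempts from rotating IPs."""
    per_day = defaultdict(set)   # date -> source IPs that failed that day
    per_ip = defaultdict(int)    # ip -> number of failed attempts
    for ip, day in failed_logins(log_text):
        per_day[day].add(ip)
        per_ip[ip] += 1
    single_use = sum(1 for n in per_ip.values() if n == 1)
    rotating = (len(per_day) >= min_days               # spread over several days
                and single_use == len(per_ip)          # no IP is ever reused
                and max(len(s) for s in per_day.values()) <= max_per_day)
    return {"days_with_failures": len(per_day), "distinct_ips": len(per_ip),
            "single_use_ips": single_use, "rotating_low_rate": rotating}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

When `rotating_low_rate` is true, lockout duration is irrelevant because no address comes back; what the numbers support is alerting on the total daily failure count rather than on per-IP counts.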
     
  5. fernando999

    fernando999 Newbie

    Joined:
    Mar 5, 2011
    Messages:
    22
    Likes Received:
    4
    How can you tell someone's trying to log into your admin panel? What's the name of the plugin you're using? Thanks
     
  6. Zak_A

    The plugin I'm using is called Limit Login Attempts (but there are lots of other similar plugins), you can get it here:
    Code:
    http://devel.kostdoktorn.se/limit-login-attempts
    It lets you set the number of allowed retries and the lockout duration. It also logs every failed attempt with the time, IP, and user name used to try to log in, and it can send you an email every time someone tries to log in and gets his IP locked :)
     
  7. alinator

    alinator Junior Member

    Joined:
    Mar 3, 2012
    Messages:
    147
    Likes Received:
    25
    Location:
    NYC
    Or search Login Lockdown on WP Plugins Site - pretty decent