Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Post New Thread Reply

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Many have businesses in both adult and mainstream. Come here to discuss your mainstream business, find new traffic opportunities, new programs to promote, and more! Whether you are in the FOREX, dating, gambling, gaming, herbal products, blogging, or any other mainstream business this forum will take your business to the next level!

 
Thread Tools
Old 10-15-2015, 10:19 AM   #1
redbusiness
Confirmed User
 
Industry Role:
Join Date: Sep 2008
Posts: 292
High server load of wp-login bots

Hi

On my defiacted server I have the last days massive attacks of my wp-login.php, that I get a massive server load from 50 and more.

I used plugins like wordfence which are IPs blocking which want to loginto the WordPress sites with wrong usernames.

All user names are changed from admin to something else with strong passwords.

I thought would fence with blocking IPS would help, but the server load is till high.

So o tried a plugin which will move the wp.login.php to a name I like and puts out an error message on the old wp-login.php

But the server load is still high. What can you suggest me? Would a .htaccess password protection help more instead of the plugin?

Would be happy when someone can give me some tips.

Greets
redbusiness is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-25-2015, 10:43 AM   #2
Defiance Inc
Confirmed User
 
Defiance Inc's Avatar
 
Industry Role:
Join Date: Apr 2008
Location: Phoenix
Posts: 142
Some tips you could try blocking..
from your firewall, htaccess, and webserver (this maybe too much hassle, I would stick with the first two options).
__________________
Defiance Inc is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-25-2015, 02:13 PM   #3
dormeo
Confirmed User
 
Industry Role:
Join Date: Jul 2014
Posts: 57
Try cloudflare wordpress plugin.
Cloudflare is very good for protect your site for Free.
dormeo is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-27-2015, 10:07 AM   #4
redbusiness
Confirmed User
 
Industry Role:
Join Date: Sep 2008
Posts: 292
Hi

thanks for the infos. At moment we tried it with the firewall on the server and the htaccess rules for the wp-admin, but now seems that all the attacks are going to the index.php and i have no idea why...

And my server management team seems that they dont can solve that problem at moment. So does someone knows a good server management service and recoomend someone?

Greets
redbusiness is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-27-2015, 11:02 AM   #5
robwod
Confirmed User
 
Industry Role:
Join Date: Nov 2005
Posts: 2,539
There's some basic information here you can try:

1st things first: protect your wordpress install against brute force at the very basic level:
Brute Force Attacks « WordPress Codex

2nd, unless you use it, just delete xmlrpc.php OR, restrict access to it (see point #1 above to see how to restrict access to specific files)

3rd, have your sysadmin add a tool such as fail2ban which will count failed access and just block them in a "jail" inside your server's linux firewall. And auto expire them. It will require some tweaking, but it's really effective.

4th, you can visit the Blocklist site below and download the IP lists of the reported bad ip's in a specific timeframe. These are IP's that were flagged and banned from various fail2ban installations and including everything from brute force wordpress attempts to bruteforce ssh attempts.
http://www.blocklist.de/en/export.html

There's certainly other options, but the above should give you a good starting point, and certainly should be something your sysadmin can implement for you. If not, get a new host.
__________________
NSFW
robwod is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-27-2015, 11:30 AM   #6
redbusiness
Confirmed User
 
Industry Role:
Join Date: Sep 2008
Posts: 292
Hi Robwod,

thanks for your tips.

1. Against brute fore on wordpress i have installed Wordfence which blocks that attempts and also locked down the wp-login.php with a .htaccess.

2. xmlrpc.php has been blocked by my technicans on the whole server

3. fail2ban is already installed on the server, my technicans say.

What i dont understand is, that i get now all attacks directly on the index.php of wordpress. Is there somewhere in WHM a possibility where i can see it more detailed which file they try to attack? So that i can block this more specific?

Greets
redbusiness is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 11-04-2015, 10:06 AM   #7
host4porn
Registered User
 
host4porn's Avatar
 
Industry Role:
Join Date: Sep 2015
Posts: 66
Hello if you are still having problems consider changing your host.

We can definitely help you out at host4porn.com we have cheap dedicated servers for all needs.

Contact me back if you are interested I’m sure you won’t have all those problems with us thanks to our 24/7 friendly support.

Expedited Free Setup.
__________________
host4porn
If its legal its allowed
ServeYourSite
Leading provider of adult shared hosting, vps and dedicated servers
[email protected]
[email protected]
host4porn is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 05-11-2016, 10:47 AM   #8
PornoIzle
Registered User
 
Industry Role:
Join Date: May 2016
Posts: 15
Identifies the Ips and blocked in the htaccess. That worked for me.
PornoIzle is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 05-13-2016, 02:51 AM   #9
Denny
Too lazy to set a custom title
 
Denny's Avatar
 
Industry Role:
Join Date: Feb 2005
Posts: 17,170
It should be possible to block them via htaccess. You can also ask your host to do it for you.
__________________
Denny is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 05-14-2016, 12:10 AM   #10
adentio99
So Fucking Banned
 
Industry Role:
Join Date: Jul 2015
Location: USA
Posts: 366
Where do you have your server ? Which host company ?
adentio99 is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 05-18-2016, 03:32 AM   #11
TempleNode
Confirmed User
 
Industry Role:
Join Date: Apr 2014
Posts: 38
Those brute force attacks can be filter through custom scripts for fail2ban. The ip will be blocked at firewall level so it won't hit again the server.
__________________
TempleNode.com
Tube Script Hosting
Server Management
█ Email Us: [email protected]
█ Skype: templenode
TempleNode is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 05-19-2016, 11:56 PM   #12
nightslit
Confirmed User
 
Industry Role:
Join Date: Oct 2013
Location: France
Posts: 226
This is how I solved the problem (I have wordfence installed aside too).

https://fr.wordpress.org/plugins/custom-login-url/

So I changed my login url to something like mysite.com/Imthefreakingboss and all problems solved as they will not find the url. And if they do you can just change it again...
__________________
email: [email protected] email me for link trades/hardlink exchanges
ICQ : 665974711
my sites: http://hardcoreteenfuck.com
nightslit is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 06-13-2016, 09:42 AM   #13
clarka77
Registered User
 
clarka77's Avatar
 
Industry Role:
Join Date: May 2016
Posts: 8
They're most likely attacking you because you're using a wordpress site. Try Hide My WP. It's a plugin to hide the fact that you're using wordpress.
__________________
Clark A | Web Developer
clarka77 is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >

Bookmarks

Tags
server, load, blocking, massive, plugin, wp-login.php, ips, error, wp.login.php, move, message, suggest, happy, greets, tips, .htaccess, protection, password, changed, wordfence, plugins, attacks, days, bots, wp-login



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.