Blocking Brute Force Attacks

I see DreamHost is reporting a second consecutive day of brute force attacks aimed at WordPress, but affecting all their users.

Is this just an ongoing hangover from those users that didn’t fix their vulnerable admin user ID’s and pw’s last month, or is this attacking a new vulnerability ?

@psybertron

There are still multiple reports of this same WordPress brute force attack continuing across multiple providers.

It’s not as wide-scale as when it first seemed to really pick up back in the middle of April, but these attacks will probably continue to trickle on for quite some time until the botnet as a whole has stopped or moved on to something else.

– Jacob

Chinese comment spam robots resulted in my (low brow) site host shutting me down. While I saw thousands of attempts at my login, there were 65,000 attempts to post comments on one of my (old) posts. Seems the robots love me!

I’d point you to the article on my page regarding which subnets (all Chinese) I ended up blocking, but I think that such links are frowned upon. If you search for “Chinese Comment Spam robots” in Google you should find it.

On a related note, I wonder how WordFence and Bulletproof are head to head. Bullet proof adds a ton or rules to htaccess. Eventutally I gotta think that will end up with more overhead than processing the PHP itself.

i just deleted the admin user and made a new super user .
for display when i post i rename it and now everything its perfect.
they keep try to access the admin user but there is no more.
??

Flarewall sends banned IP addresses triggered in CSF to the block list at CloudFlare. It’s worth a look.