Botnet attack on my WordPress site – my defence

Last two weeks my WordPress site was attacked by a Russian bot-net – around 300 or more attempts where made to login – for those who have to defend themselfs let me tell you how i did it – perhaps it is of any use.

Since a long time WordFence is on board – that plugin is of great assistance in the defense – the tracing of the attacks was clear to me the moment when it started – use to look at “Live Traffic” regular – there i saw the attacks on the login page came by – around 80% from Russia – a bot-net from several IP’s – probably zombie computers.

The attacker had found the right path to the login page – that worried me a bit – so i had to look at more ways to defend my WordPress site.

First i blocked each and every IP that came by – but i realized it should be a matter of time that the attack-script guessed the right password – although i have a save one with 20+ character.

Then the masking of the login page came along – a useful plugin that offers to masked the login under a fancy name (read URL) – resulted in a lot of 404’s – that made the blocking much easier – in the “Blocking” option of WordFence the “Page Not Found” filter did the job. The blocked IP’s still be blocked because there certainly will come another attack – signs that it will come are there already.

Of course i was attend not to block “Humans” ??

There maybe other ways to defend your website but when you not a techie like me this is perhaps a way to handle bot-net attacks