• My admin access (wp-admin.php) has been under a brute force attack for the last 48 hours and placed under a 503 Service Unavailable by the provider. I was advised to check for WordPress brute force prevention plugins and I have found a few that might work.
    Can any of these be installed to stop the current brute force underway?
    If not, how long might I expect to wait before the attack ceases?
    I am surprised that if the hacker is encountering the same 503 Service Unavailable notice for 48+ hours that it should persist in trying to get to the wp-admin function. Has anyone had similar problems with access?
    Thank you.

    • This topic was modified 2 years, 9 months ago by Jan Dembowski. Reason: Moved to Fixing WordPress, this is not an Everything else WordPress topic


Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator t-p

    (@t-p)

    Dion

    (@diondesigns)

    Are you sure it’s a brute-force attack and not a DDoS attack? Someone trying to DDoS your site would be looking for the HTTP 503 message because it tells them they are succeeding, and they would keep up the attack.

    You might want to talk to your hosting company. They should look at access logs to determine what type of attack you’re experiencing, and adjust accordingly. For example, one possible solution would be to use .htaccess to password-protect the /wp-admin directory with an ID/password that’s provided in the message text.

    Good luck!
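
The access-log check suggested in the reply above, sketched as an added example that is not part of the original thread or anyone's post: it counts how much of the traffic is POSTs to the WordPress login endpoints, which separates password guessing from a general flood. The combined log format, the 50% threshold, the helper names and the sample lines (documentation-range IPs) are all assumptions made for illustration.

```python
import re
from collections import Counter

# Apache/Nginx "combined" log line; only client IP, method, path and status are captured.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# WordPress endpoints that accept password attempts.
LOGIN_PATHS = ("/wp-login.php", "/xmlrpc.php")

def summarize(lines):
    """Return (requests per IP, login POSTs per IP) as Counters."""
    total, login_posts = Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in combined format
        ip, method, path, _status = m.groups()
        total[ip] += 1
        if method == "POST" and path.split("?", 1)[0] in LOGIN_PATHS:
            login_posts[ip] += 1
    return total, login_posts

def classify(lines, login_share=0.5):
    """Label the traffic by the share of requests that are login POSTs.

    login_share is an assumed threshold, not a standard value.
    """
    total, login_posts = summarize(lines)
    n = sum(total.values())
    if n == 0:
        return "no-data"
    share = sum(login_posts.values()) / n
    return "login-guessing" if share >= login_share else "not-login-focused"

def top_sources(lines, k=3):
    """IPs with the most login POSTs: candidates for blocking or rate limiting."""
    return summarize(lines)[1].most_common(k)

def _line(ip, method, path, status):
    # Builds one constructed sample line (timestamp and sizes are made up).
    return (f'{ip} - - [10/Jan/2021:10:00:00 +0000] '
            f'"{method} {path} HTTP/1.1" {status} 299 "-" "-"')

# Constructed samples: one dominated by login POSTs, one by plain GETs.
SAMPLE_LOGIN = ([_line("203.0.113.7", "POST", "/wp-login.php", 503)] * 5
                + [_line("198.51.100.9", "POST", "/xmlrpc.php", 503)] * 3
                + [_line("192.0.2.4", "GET", "/", 503)])
SAMPLE_FLOOD = ([_line(f"203.0.113.{i}", "GET", "/", 503) for i in range(1, 9)]
                + [_line("192.0.2.4", "POST", "/wp-login.php", 503)])

if __name__ == "__main__":
    print(classify(SAMPLE_LOGIN), top_sources(SAMPLE_LOGIN))
    print(classify(SAMPLE_FLOOD), top_sources(SAMPLE_FLOOD))
```
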

    Thread Starter zeromost

    (@zeromost)

    Thank you for your messages.

    Regarding the suggestion about a DDoS and not a brute force attack, I contacted the host and have been told by them that it’s a brute force attack. I’ve been told I’ll just have to wait out the end of the attack before they remove the 503 Service Unavailable notice.

    Regarding the remedies for fixing the service, I have tried renaming/disabling the installed plugins and templates as suggested, but this seems to have had no effect.

    The impression I’m left with is that some external agent is persisting in trying to guess its way into my wp-admin.php password despite the host shutting things down with the 503 Service notice. But after the time already elapsed, I can’t make any sense of the attacker carrying on. I gather Microsoft did a survey of 50000+ brute-force attacks and found that they lasted on average 48-72 hours. But no mention was made of the host using the 503 Service measure.

  • The topic ‘Brute force attacks and 503 Service’ is closed to new replies.