Jili dinosaur tycoon 2 download,Best casino online site.REGISTER NOW GET FREE 888 PESOS REWARDS!

Wow Digital
(@dmpp)

10 years, 10 months ago

This plugin is great! Thank you for your work and effort.

I would say 99.9% of attempts have stopped.

However there a few have started on safe-entrance.php.

https://www.ads-software.com/plugins/project-force-field/

Viewing 5 replies - 1 through 5 (of 5 total)

x
(@offordscott)

10 years, 10 months ago

dmpp, thanks for your feedback. Let us know how many attempts are made on safe-entrance.php

We have some cool stats we can share regarding our own server and how PFF has saved us bandwidth. Just yesterday alone, we counted 5683 attempts blocked.

Scott Offord
Orion Group
Thread Starter Wow Digital
(@dmpp)

10 years, 10 months ago
Hi Scott,

Thanks for getting back to me.

We’ve had about 10-15 attempts to login to the safe-entrance.php page. Which is WAY better than what we had going on before. We had about 42,000 attempts since mid-November, and 28,000 of those have been since the end of March. So I’m very thankful for your plugin!

I’m using the stop spammers plugin along with yours, so that it blacklists IP’s as well – although they can be easily spoofed.
See: https://www.ads-software.com/plugins/stop-spammer-registrations-plugin/ It also helps with fake form submissions/spammers a great deal.

Do you have a command prompt script I could use to check the site headers? I’ve tried some web-based ones and they’re all coming back showing me a temp redirect from wp-login.php to safe-entrance.php.

For example, I used this: https://urivalet.com/ and put in the url to my wp-login.php

Here’s what was returned: (I changed my real domain to domain.com in the content below)
```
1. REQUESTING: https://www.domain.com/wp-login.php
    GET /wp-login.php HTTP/1.1
    Accept: */*
    Accept-Encoding: gzip
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    Accept-Language: en-us,en;q=0.5
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 AlexaToolbar/alxf-2.19
    Host: www.domain.com
    Connection: Keep-Alive

SERVER RESPONSE: 302 Found
    Date: Mon, 12 May 2014 14:16:30 GMT
    Server: Apache
    X-Powered-By: PHP/5.4.27
    X-Pingback: https://www.domain.com/xmlrpc.php
    Expires: Wed, 11 Jan 1984 05:00:00 GMT
    Cache-Control: no-cache, must-revalidate, max-age=0
    Pragma: no-cache
    Set-Cookie: kpg_stop_spammers_time=1399904192;
    expires="Mon, 12-May-2014 14:17:32 GMT"
    Location: https://www.domain.com/safe-entrance.php
    Content-Length: 0
    Connection: close
    Content-Type: text/html; charset="UTF-8"

Redirecting to https://www.domain.com/safe-entrance.php ...

2. REQUESTING: https://www.domain.com/safe-entrance.php
    GET /safe-entrance.php HTTP/1.1
    Accept: */*
    Accept-Encoding: gzip
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    Accept-Language: en-us,en;q=0.5
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 AlexaToolbar/alxf-2.19
    Host: www.domain.com
    Connection: Keep-Alive

SERVER RESPONSE: 200 OK
    Date: Mon, 12 May 2014 14:16:32 GMT
    Server: Apache
    X-Powered-By: PHP/5.4.27
    X-Frame-Options: SAMEORIGIN
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Set-Cookie: kpg_stop_spammers_time=1399904193;
    expires="Mon, 12-May-2014 14:17:33 GMT"
    Set-Cookie: wordpress_test_cookie=WP+Cookie+check;
    path=/
    Set-Cookie: PHPSESSID=l3fikmuoao3onkq79kkl9bhkv1;
    path=/
    Connection: close
    Transfer-Encoding: chunked
    Content-Type: text/html; charset="UTF-8"

Destination URI: https://www.domain.com/safe-entrance.php
```
Plugin Author Faison
(@faison)

10 years, 10 months ago

Hi dmpp,

Thanks for the kind words ??

You shouldn’t be getting a 302 redirect when trying to access <your site>/wp-login.php, should always 403. But you can type the following into your terminal to test that manually:
curl -I <your site>/wp-login.php

By the way, If people start to get smart, PFF will automatically change the login url after 30 or more login failures occur in a minute.

Finally, how do you know those 10-15 attempts weren’t legit login attempts?

Thanks,
Faison
Thread Starter Wow Digital
(@dmpp)

10 years, 10 months ago
Hi Faison,

Thanks – I will try the cURL command when I get a chance.

I know the login attempts were fake because of the stop spammer plugin. It shows me the username and password that was attempted, along with the IP. Majority of the attempts are like this – same username and password, but the IP is changing:
```
2014/05/13 08:18:29     96.44.***.****     Gabriel*****/**********     /safe-entrance.php
```
(I masked the IP part of the username and the password)
Plugin Author Faison
(@faison)

10 years, 10 months ago

Hi dmpp,

Weird, are they using the same wrong password several times over? Either way, it sounds like Project Force Field is working as intended on your site.
Since the goal of Project Force Field is to protect WordPress site’s from brute force attacks, there’s not much we can do to help you with those remaining attempts, sorry ??

If you don’t mind, though, could you copy some of those nice things you said and paste them into a plugin review ?? https://www.ads-software.com/support/view/plugin-reviews/project-force-field#postform

Thanks,
Faison

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Most "attacks" have been thwarted. A few going to new URL.’ is closed to new replies.