Security questions about DDoS attacks

  • About every four hours my site gets hit by bots trying to log in. They use admin and then try different combinations of numbers and /or words for the password. I see the information because I am running the Sucuri plugin.

    My site is well hardened. The normal wp-admin log in disabled in addition to many other methods.

    Is it normal for all sites to have bots chasing them? It may have been going on forever but I didn’t get notice until I installed the plugin.

    Should I let my host know? Does it impact the server in anyway?

    Thanks.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    It’s normal and as long as you take precautions I think you’ll be fine. Your host doesn’t need to be notified and should already be aware of that. I hope. ??

    It happens to my site too but it doesn’t use much CPU or network traffic to make it a problem for me. If you have a dashboard for your server (mine is a VPS) then you should be able to see how your allotment is doing for CPU and network usage.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    Should I let my host know? Does it impact the server in anyway?

    It does impact the server. It makes it slower. I had a high 5 min load average this morning before my firewall learned about the new attacks. :/ Yaaaay.

    If your host is any good, your host already knows and is doing things to prevent a DDOS or DOS attack.

    Wordfence Security is one plugin I happen to know about that can throttle over-aggressive traffic, and I have recently discovered NinjaFirewall and its ability to block certain things altogether before they even get to WordPress.

    Thread Starter kmessinger

    (@kmessinger)

    OK. Thanks. I am using CloudFlare thru my host and can lock out entire countries. What powers I have! I think I will just turn off the notifications from Sucuri and check CloudFlare every couple of days.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Security questions about DDoS attacks’ is closed to new replies.