Blogs under attack?

Dennis E. Taylor · May 14, 2016

I woke up this morning to find 25 emails from Wordfence, telling me that someone or someones keeps getting locked out for repeated unsuccessful login attempts. I don't normally get 25 hits in a day. Is anyone else suddenly seeing this activity?

I'm not particularly worried, as a straight dictionary attack has no chance (I've removed all the obvious account names). But it makes me wonder if something in particular is going on today.

Filigree · May 14, 2016

My blog has been hammered at from day one, but I've noticed an uptick in attacks lately. Some are just background hackers. Some surges happen anytime I write a post that gets linked from a big discussion site. I love the ones that seem to come after someone gets butthurt over one of my Filigree's Rule posts. Those make me feel like I'm doing good work. I don't trust my hosting site that much, but I have a lot of secondary security measures.

You may be seeing increased attacks after the last gmail leak, too. I know I have.

Dennis E. Taylor · May 14, 2016

Hmm, well, I did post some stuff in the last couple of days, but it's not controversial and it doesn't link to or from. I wonder if some newly discovered vulnerability has the hackers more hopeful about getting into sites.

AW Admin · May 14, 2016

Make sure you don't have a login username like Account, or Admin or Test, or Administrator.

Don't have the WordPress "nickname" field in your User Profile match any login name.

Don't have a user with the userid of 1.

Don't install plugins you aren't using. If you will use it later, consider deactivating it.

Consider having an account you use to post with, that isn't your Admin account, and never posting from your Admin account.

jjdebenedictis · May 14, 2016

AW Admin said:
Don't have a user with the userid of 1.

Oh, hey, I'd never considered that being an issue. I assume it's because it can evaluate to "true" in some instances?

Polenth · May 14, 2016

Angry Guy said:
Hmm, well, I did post some stuff in the last couple of days, but it's not controversial and it doesn't link to or from. I wonder if some newly discovered vulnerability has the hackers more hopeful about getting into sites.

It's unlikely to be anything in particular. This is like a car thief checking the doors as they walk down the road. It's not personal. They're just looking for the one left unlocked. They'll try the locks more some days than others, but not for any real reason.

Blogs under attack?

Dennis E. Taylor

Get it off! It burns!

Filigree

Mildly Disturbing

Dennis E. Taylor

Get it off! It burns!

AW Admin

jjdebenedictis

is watching you via her avatar

Polenth

Mushroom