Hi all, due to the fact that I have WordPress Firewall installed, I received a series of potential malicious attack warnings yesterday probing for specific pages / plug-ins / themes and trying to upload executables. The IP address (78.85.76.103) points to the Russian Federation, although it could be a spoof address. All were blocked, I'm pleased to say, but the warning is clear - install protection and backup, as the WordPress attacks are changing direction! Oh yes . . . several web sites (possibly in China) were locked out for continual persistent login attempts as well! I'll post the list of probe targets if anyone needs them. Roger
This plugin didn't show any problems with the last wave of brute force attacks. http://devel.kostdoktorn.se/limit-login-attempts
I just tested it today and so far it blocked an attempt from China, but now I see that it has a security seal that always appears in lower RH corner including mobile. I'm not too happy about this and have an inquiry into the developer. I'll update once I get a reply. In the meantime, any recommendations for other WP firewall plugins with proven results?
Update: my bad, in the admin there is a check box to remove seal. Getting old stinks! So far, OSE Firewall has already blocked a few attempts. It's very interesting to see where they originate. Hopefully it will keep the barbarians at the gate from breaking in.
I have been using WordPress Firewall 2 and working well theme; it will email you anytime anyone tries to force in. Tob
I'm using Wordfence Security with WSD Websitedefender. I can't decide which I like better and have left them both because they both have features that I use that the other doesn't do. If you've already been hacked then Wordfence would be my best suggestion, because if the hack replaced files that have the same name as the original installation, Wordfence will compare to the original and fix them. If you haven't been hacked then WSD is nice because the backups are so easy and it will change your table prefixes and make backups on the fly, and a lot of other things. So far I haven't seen these 2 interfere with each other.
It would be nice if we had a code expert provide a comparison of these different brands. To date, I've been using OSE Firewall and I get approximately 10 emails a day notifying me of the attack. @Russ: when you referred earlier to "This plugin didn't show any problems with the last wave of brute force attacks.", which plugin were you referring to?
Another one you could look at, I have been using it without any problems, covers a lot of vulnerable areas in WPress for hackers: WP shielded. Hope this helps. Tob
Hi rogerschnur, I was referring to http://devel.kostdoktorn.se/limit-login-attempts. This plugin worked well for me during the brute force attacks. You can set the number of retry attempts for login. It works for people just trying to guess someone else's password too. It stops the login attempts so the bot has to move on. I heard about it in the Hostgator community during the first wave a couple of weeks ago and it does work as it describes, and I have seen no side effects with the other security plugins or the theme or WordPress. A firewall that limits login attempts would make this plugin redundant though. Features: limit the number of retry attempts when logging in (for each IP), fully customizable; limit the number of attempts to log in using auth cookies in the same way; informs user about remaining retries or lock out time on login page; optional logging, optional email notification; handles server behind reverse proxy.
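The per-IP retry limit and the reverse-proxy handling in the feature list above can be sketched as follows. This is an added example, not part of the thread and not the plugin's own code. The retry count, lockout time, trusted proxy range and all function and class names are assumptions.

```python
import ipaddress

MAX_RETRIES = 4              # assumed: failed logins allowed before lockout
LOCKOUT_SECONDS = 20 * 60    # assumed lockout duration
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]  # assumed proxy range


def _trusted(addr):
    return any(addr in net for net in TRUSTED_PROXIES)


def client_ip(peer_addr, forwarded_for=None):
    """Pick the address to count attempts against.

    X-Forwarded-For is honoured only when the direct peer is a trusted
    proxy; otherwise any client could evade the limit by sending a
    different header value on every attempt.
    """
    peer = ipaddress.ip_address(peer_addr)
    if forwarded_for and _trusted(peer):
        # Walk right to left: the rightmost untrusted hop was appended by
        # our own proxy; entries further left are client-supplied.
        for hop in reversed([h.strip() for h in forwarded_for.split(",")]):
            try:
                addr = ipaddress.ip_address(hop)
            except ValueError:
                break            # malformed header: fall back to the peer
            if not _trusted(addr):
                return str(addr)
    return str(peer)


class LoginLimiter:
    def __init__(self):
        self.failures = {}       # ip -> failed attempts in current window
        self.locked_until = {}   # ip -> unix time at which lockout ends

    def retries_left(self, ip, now):
        """Remaining retries for ip; 0 while the address is locked out."""
        if self.locked_until.get(ip, 0) > now:
            return 0
        return MAX_RETRIES - self.failures.get(ip, 0)

    def record_failure(self, ip, now):
        """Count a failed login and return the retries left afterwards."""
        if self.locked_until.get(ip, 0) > now:
            return 0
        self.failures[ip] = self.failures.get(ip, 0) + 1
        if self.failures[ip] >= MAX_RETRIES:
            self.locked_until[ip] = now + LOCKOUT_SECONDS
            self.failures[ip] = 0
        return self.retries_left(ip, now)
```
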