Protect Your WordPress Site Against Distributed Botnet Attacks

September 2, 2013 · 1 comment

by Lars

I have experienced some quite disturbing activity over the last 24 hours or so. Several WordPress websites I know of have been hit by extreme load on the wp-login.php file, and in some cases the load has been high enough to take the server down. I am not sure, but it looks like some kind of aggressive brute force attack that takes place from multiple IP addresses. This means that most traditional WordPress security plugins, which simply limit the number of login attempts from a single IP, do not help to protect the server from resource burn-out. I found a plugin that seems to help effectively, and I wanted to share this in case you run into this type of attack on your website. The plugin is called Bot Attack Blocker. The idea is very simple, elegant and effective: it blocks access to the wp-login.php file and makes sure the WordPress framework is not loaded at all if there are more than a specified number of failed logins within a timeframe you specify. The plugin allows you to add your own IP address to ensure you are not blocked.

Once installed, you will find the admin page for Botnet Attack Blocker under Settings. You can set the number of login failures within a specific timeframe that is needed to trigger the blocker. Further, you can set the duration until the block is released again.

[Screenshot: bot-attack]

Once set up, you will notice immediately if someone is hitting your site. At the bottom of the admin page you can see a status line that tells you whether logins are currently blocked or not. If you test the login page from an IP address that is not whitelisted, you will notice that you get a simple page with a warning instead of the login page. This takes the load off the server, and I believe your site will start responding again within a few minutes.
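To make the mechanism concrete, here is an added Python model of the behaviour described above (example code, not the plugin's own): one sliding-window count of failed logins across all source IPs, a block of fixed duration once the threshold is reached, and a whitelist that always gets the login page. Parameter names, the simulation helper and the sample addresses are constructed for this illustration.

```python
from collections import deque
import ipaddress

class GlobalLoginBlocker:
    def __init__(self, max_failures, window_seconds, block_seconds, whitelist=()):
        self.max_failures = max_failures      # failures (from any IP) that trip the block
        self.window_seconds = window_seconds  # sliding window the failures must fall in
        self.block_seconds = block_seconds    # how long the login page stays blocked
        self.whitelist = {ipaddress.ip_address(ip) for ip in whitelist}
        self.failures = deque()               # timestamps of failed logins, any source
        self.blocked_until = None             # when the current block lifts

    def record_failure(self, now):
        # Drop failures that have aged out of the sliding window, then count this one
        while self.failures and now - self.failures[0] >= self.window_seconds:
            self.failures.popleft()
        self.failures.append(now)
        if len(self.failures) >= self.max_failures:
            self.blocked_until = now + self.block_seconds
            self.failures.clear()             # count afresh once the block expires

    def allow_login_page(self, client_ip, now):
        """True if wp-login.php may be served; False means WordPress is not loaded."""
        if ipaddress.ip_address(client_ip) in self.whitelist:
            return True                       # the owner's whitelisted IP always gets in
        if self.blocked_until is not None and now < self.blocked_until:
            return False                      # serve the cheap warning page instead
        self.blocked_until = None
        return True

def simulate(events, blocker):
    served = []                               # one bool per event: login page served?
    for now, ip, outcome in events:
        ok = blocker.allow_login_page(ip, now)
        served.append(ok)
        if ok and outcome == "fail":          # a refused request never reaches auth
            blocker.record_failure(now)
    return served

SAMPLE_EVENTS = [  # constructed: (time_s, client_ip, outcome)
    (0, "203.0.113.10", "fail"), (1, "198.51.100.7", "fail"),
    (2, "192.0.2.44", "fail"), (3, "203.0.113.11", "fail"),  # 4th failure: block
    (4, "198.51.100.8", "fail"),   # refused while blocked, WordPress not loaded
    (5, "10.0.0.5", "fail"),       # owner's whitelisted IP still served
    (700, "203.0.113.10", "fail"), # block lifted after 600 s
]
def run_sample():
    blocker = GlobalLoginBlocker(4, window_seconds=60, block_seconds=600, whitelist=["10.0.0.5"])
    return simulate(SAMPLE_EVENTS, blocker)
```

Note that a per-IP limiter would never trip on this sample, since no single address fails more than once.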

[Screenshot: example]

Besides adding plugins like this to keep your site safe from botnet attacks, it is always recommended to keep the WordPress core installation, themes and plugins up to date at all times. This prevents attackers from taking advantage of vulnerabilities in old code. Further, it is a good idea to create a new user account and assign the administrator role to it, then downgrade the default admin user to the subscriber role. This protects your site in case the admin user is compromised.

WordPress is a great publishing platform and I enjoy using it; however, popularity and huge market share come at a security cost. With millions of personal and small business websites running on WordPress, it is unfortunately a serious opportunity and an easy target for hackers using automated tools and bot networks to exploit commonly known vulnerabilities and perform brute force attacks on weak passwords. Therefore, any WordPress webmaster must take security seriously and keep an eye on news and possible new solutions to emerging threats.

Author : Lars Vraa

Lars is passionate about web design, web development, SEO, social media and loves to look into new technologies, techniques, tools etc. and to write articles for tripwire magazine readers.


YL77 September 6, 2013 at 3:29 pm

Hi, I have a dynamic IP address, and because I did not want to be locked out myself I searched for another option to protect myself against botnet attacks, and I found it.

I opted for WP Lockdown. A simple and free plugin which lets you change ***/wp-admin into anything you like and makes ***/wp-admin (and related URLs) inaccessible. Another good option is hide-my-wp, but that is a premium plugin.
