Repeat after me, “hackers most often target vulnerabilities, not specific people or companies.” Now, say that over and over again.. and shortly you should come to the conclusion that every single device and application typically has vulnerabilities which makes everyone a target. That’s right, everyone is a potential target — not just the big names,…
If you asked me from September 2012 forward, the answer would change dramatically with WordPress Brute Force Attacks now exceeding 50% of all attacks being reported.
If you review your or your hosting provider reviews your web site’s access logs on a regular basis, you can tell if there are Brute Force attacks being attempted on your WordPress site by seeing multiple requests to access the file wp-login.php from the same IP address over and over again. Sometimes it might be a single request every x period of time; other times it might be scores of requests from the same IP address. By the way, are you or your provider regularly checking your web site access logs for abuse?
How can you protect yourself against WordPress Brute Force attacks?
Linux Socket Monitor by R-fx Networks is a good, automated, tool to let you know if an application is creating TCP and UDP sockets.
The caveat we’ve experienced over the years is that when you receive an LSM alert that might involve malicious malware or hacker activity on the server running LSM, you sometimes have milliseconds to log onto the server to hopefully catch the application opening sockets red handed. If you are delayed or the application just runs that fast, by the time you are on the server, the port closed and the application is now in hiding.
I often agree necessity is the mother of invention, and I would like to share what we’ve done to extend the Linux Socket Monitor (LSM) to provide running process information, not just the netstat lines.
What if your PCI Compliance authorized scanning vendor wants you to only allow RC4-SHA as a SSL CipherSuite in order to pass PCI Compliance against the SSL BEAST Attack? Here are the tested settings.