Posts Tagged attacks
I’ve been wanting to secure the back-end of this site with SSL for a while now. More so now that the attacks against the site have really ramped up. I don’t make any money from the site so I had a hard time swallowing the price for an SSL cert. StartCom to the rescue! They have level 1 certificates for free. You just need to install their intermediate certificate, which they provide a nice tutorial for. So yeah, if you want a free cert, check out Startcom at https://www.startssl.com/
No, I don’t mean it is getting drunk. (curse you english language with you double meanings for everything) Since I added the Better WP Security plugin I am geting site lock out notifications at about 2-3 a day now. Tracing the requesting IP’s all go back to one nefarious country…dun dun dahh…China. The performance of the over server is degraded as well with the number of requests coming in. I would love to say that I am really that popular, but it seems I am directly in the crosshairs of some individuals in China with a lot of bandwidth.
I should really just blacklist the whole country really. I used to run my web server out of my house but the bandwidth was pretty poor on a home DSL line. It didn’t help that I was getting attacked pretty regular as well. I ended up blacklisting most of Russia, China, and Korea. It cut down on the amount of serviced requests greatly and saved on my server wear and tear but it still ate up bandwidth.
Just read this article last week and I added a couple new plugins for security. Namely, I added Limit Login and Better WP Security. The very next day after adding these plugins it was already blacklisting IP’s coming from China that have been trying to brute force their way into my site.
If you run a WordPress site I can’t recommend enough that you beef up your password strength and add those plugins (if you haven’t already). AND MAKE SURE YOU KEEP YOUR WORDPRESS INSTALL UP TO DATE!!!! The amount of bogus traffic over the past couple of weeks has been scary. You have been warned.