[Qgis-developer] [OT] wordpress attacks ?
Alex Mandel
tech_dev at wildintellect.com
Wed May 29 15:01:34 PDT 2013
Limit the IP range allowed to access the wp_admin page, change the url
of your wp_admin page, get a free cloudflare account... There are lots
of options but this is all way off-topic and better for some wordpress
security forums.
Thanks,
Alex
On 05/29/2013 02:43 PM, Milo van der Linden wrote:
> Allowing login over http is a bad idea....
>
> I used this (for the opengeogroep website):
>
> http://codex.wordpress.org/Hardening_WordPress
>
> And made sure my wp-admin cannot be in any way accessed over http:
> http://codex.wordpress.org/Administration_Over_SSL
>
>
> You may also consider setting up a tarpit, but that is not something
> for the faint at heart and it depends on your distro what is possible:
> http://en.wikipedia.org/wiki/Tarpit_%28networking%29
>
> 2013/5/29 Richard Duivenvoorde <rdmailings at duif.net>:
>> Hi Devs,
>>
>> most qgis-related blogs I see are running wordpress (I think).
>>
>> I just put www.qgis.nl to a new server, and looked at the acces logs.
>>
>> It is horrifying (see http://www.duif.net/wp.png ). Every second (probably)
>> scripts try to login via the wp_admin page.... See the screendump, all
>> different IP adresses, more then every second...
>>
>> Am I the only one with this problem?
>>
>> Someone a solution for this?
>>
>> Regards,
>>
>> Richard Duivenvoorde
>> _______________________________________________
>> Qgis-developer mailing list
>> Qgis-developer at lists.osgeo.org
>> http://lists.osgeo.org/mailman/listinfo/qgis-developer
> _______________________________________________
> Qgis-developer mailing list
> Qgis-developer at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/qgis-developer
>
More information about the Qgis-developer
mailing list