Oracle of Geek
Ze Cheesefather's Oracle of Geek
Skip to content
  • Home
  • About

Tag Archives: global

WordPress Distributed Botnet Attack Blocker

  By cheesefather | April 29, 2013 - 3:15 pm | Linux, Windows
33 Comments

After the recent global distributed botnet attack on WordPress installations that took down servers and broke into admin accounts, I thought I’d write a plugin to prevent it happening again.

Distributed botnet attacks can come from multiple IP addresses and locations at the same time, so conventional IP-based lockouts are not effective (e.g. those found in Wordfence and other WordPress security plugins).

For example, if 1,000 different computers (with unique IP addresses) are trying to brute-force your admin password and you lock out each IP address after 5 incorrect attempts then you have still allowed 5,000 attempts. My plugin essentially ignores the different IP addresses and locks out all admin login attempts in a configurable way – so if you have it set to 5 failed attempts (default) then those 1,000 different computers will only have a total between them of 5 attempts.

You can select how many login failures causes the lockout, how much time to allow between failures, how long to block logins for and also you can input a whitelisted IP address (or multiple addresses separated with commas or spaces) which can bypass the lockdown and always log in – so you can still always get into your site even in the middle of an attack. Version 1.1 adds support for partial IP address matching for those with dynamic IP addresses.

I have added the plugin to the WordPress repository for general use – WordPress seems to require a donation link so if you would like to contribute, please click here. Please feel free to leave comments and suggestions.

Download here: botnet-attack-blocker (direct from WordPress)

Tagged admin, attack, blocker, botnet, brute-force, centos, ddos, distributed, global, ip, lockout, login, plugin, security, wordpress, wp, wp-admin
  • Recent Posts

    • Install MySQL 5.6 on CentOS 8
    • VPS Benchmarks: Amazon EC2 and Lightsail, Azure, DigitalOcean, Google, Hostworld, Linode, OVH, UpCloud, VPSServer, VPS.net, Vultr
    • Install OSSIM/OSSEC agent (CentOS 7)
    • VPS video encoding speed comparison
    • Summernote insert single line break instead of paragraph on pressing enter
Oracle of Geek | Powered by Mantra & WordPress.