[ PRIVACY Forum ] Huge attack on WordPress sites

• Previous message (by thread): [ PRIVACY Forum ] Huge attack on WordPress sites
• Next message (by thread): Contact for BGP at nic.mil (AS721 AS27064)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

apache's mod_security comes in pretty handy for reducing the
cpu load caused by these attacks; we've seen many sites we
host getting hammered on the wp-login.php page from these
bots.

Here's the rules that block the bad requests:

https://docs.google.com/document/d/1wCpp7U5uOw_krEkQrm9NXFf2LjpGvlZ7uoOK
0Ok4LGM/pub

David 

> -----Original Message-----
> From: Damian Menscher [mailto:damian at google.com] 
> Sent: Monday, April 15, 2013 7:17 AM
> To: Steve
> Cc: nanog at nanog.org
> Subject: Re: [ PRIVACY Forum ] Huge attack on WordPress sites
> 
> FYI, the "new" part of this news is that the current botnet 
> is 10x larger
> than the one you're thinking of.
> 
> Damian
> 
> 
> On Sat, Apr 13, 2013 at 5:39 AM, Steve <angst1974 at yahoo.com> wrote:
> 
> > This is pretty old news , this "super bot-net" of 
> compromised Wordpress
> > sites ( and others) has been attacking since September
> >
> > Sent from my iPhone
> >
> > ONANOG Digest,
> > > *************************************
> >
> >
> 
> 

• Previous message (by thread): [ PRIVACY Forum ] Huge attack on WordPress sites
• Next message (by thread): Contact for BGP at nic.mil (AS721 AS27064)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]