[ PRIVACY Forum ] Huge attack on WordPress sites
David Hubbard
dhubbard at dino.hostasaurus.com
Mon Apr 15 14:29:03 UTC 2013
apache's mod_security comes in pretty handy for reducing the
cpu load caused by these attacks; we've seen many sites we
host getting hammered on the wp-login.php page from these
bots.
Here's the rules that block the bad requests:
https://docs.google.com/document/d/1wCpp7U5uOw_krEkQrm9NXFf2LjpGvlZ7uoOK
0Ok4LGM/pub
David
> -----Original Message-----
> From: Damian Menscher [mailto:damian at google.com]
> Sent: Monday, April 15, 2013 7:17 AM
> To: Steve
> Cc: nanog at nanog.org
> Subject: Re: [ PRIVACY Forum ] Huge attack on WordPress sites
>
> FYI, the "new" part of this news is that the current botnet
> is 10x larger
> than the one you're thinking of.
>
> Damian
>
>
> On Sat, Apr 13, 2013 at 5:39 AM, Steve <angst1974 at yahoo.com> wrote:
>
> > This is pretty old news , this "super bot-net" of
> compromised Wordpress
> > sites ( and others) has been attacking since September
> >
> > Sent from my iPhone
> >
> > ONANOG Digest,
> > > *************************************
> >
> >
>
>
More information about the NANOG
mailing list