当前有一个活跃的僵尸网络,正在攻击WordPress和Joomla网站。可能还有更多。您应该会看到更多被阻止的登录信息。如果您不这样做,可能是出了点问题。
但是请注意,阻止IP地址对拥有90,000个IP地址的僵尸网络没有帮助。
如果您对每个插件都这样做,请避免Limit Login Attempts。它将IP存储在一个序列化选项中,该序列化选项必须针对每个请求进行非序列化。这非常昂贵且缓慢。
查找一个使用单独的数据库表的插件,或按以下方式阻止您的.htaccess中的IP地址:
order allow,deny
# top 30 IP addresses listed in
# http://blog.sucuri.net/2013/04/mass-wordpress-brute-force-attacks-myth-or-reality.html
deny from 31.184.238.38
deny from 178.151.216.53
deny from 91.224.160.143
deny from 195.128.126.6
deny from 85.114.133.118
deny from 177.125.184.8
deny from 89.233.216.203
deny from 89.233.216.209
deny from 109.230.246.37
deny from 188.175.122.21
deny from 46.119.127.1
deny from 176.57.216.198
deny from 173.38.155.22
deny from 67.229.59.202
deny from 94.242.237.101
deny from 209.73.151.64
deny from 212.175.14.114
deny from 78.154.105.23
deny from 50.116.27.19
deny from 195.128.126.114
deny from 78.153.216.56
deny from 31.202.217.135
deny from 204.93.60.182
deny from 173.38.155.8
deny from 204.93.60.75
deny from 50.117.59.3
deny from 209.73.151.229
deny from 216.172.147.251
deny from 204.93.60.57
deny from 94.199.51.7
deny from 204.93.60.185
allow from all
也可以看看:
我们的标签安全性也值得一看,尤其是:
如果您已经移动wp-admin
或wp-login.php
仍可以通过在主URL 后面附加/login
或/admin
来猜测这些URL。WordPress会将这些请求重定向到正确的位置。
要停止这种行为,您可以使用一个非常简单的插件:
<?php # -*- coding: utf-8 -*-
/* Plugin Name: No admin short URLs */
remove_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
我认为这是默默无闻的安全 -没什么大不了的。