hacking wp-admin tagged posts

Lately this blog has been targeted by many attackers varying from brute force attacks to D-DOS. Although I couldn’t do much about DDOS (servers provider takes care of that), I was able to mitigate the brute forcing attacks on my wordpress. I’ve been using this trick for a while and it keeps bad guys away from my wp sensitive pages.

First let me share with you a snippet from my logs. (I know you love these 😛 )

Yep that is a 4167 attempts to penetrate wp-login.php form. Fortunately I know this was coming so after installation I simply created a filter using Apache .htaccess to filter out all connection to wp-login.php and wp-admin/ except the one coming from my IP address!

Read More