<div dir="ltr">In a lot of cases we see traffic taking the form of brute-force login attempts on both wp-login.php and xmlrpc.php. Handling this at the plugin level is harder than at the server level because any plugin is going to have to load properties of WordPress and make database calls to read anything about the user, and IP-based blocking is often thwarted by a distributed attack from many different IP addresses (so individual IPs might only log in one time, but the weight of all attempts across the range will take down the server).<div><br></div><div>We've had good experience using Fail2ban on the server (<a href="http://www.fail2ban.org/wiki/index.php/Main_Page">http://www.fail2ban.org/wiki/index.php/Main_Page</a>) in combination with the WP-fail2ban plugin (<a href="https://wordpress.org/plugins/wp-fail2ban/">https://wordpress.org/plugins/wp-fail2ban/</a>), which writes failed login attempts to the auth log. The plugin can deny at the server level *any* attempt with username admin or administrator, which alone will cut down on 99% of attacks, and beyond that can block network ranges based on the failed attempts of multiple IPs within that range. It's a really elegant and flexible solution in my opinion.</div><div class="gmail_extra"><br></div><div class="gmail_extra"><div><div class="gmail_signature"><div dir="ltr"><div>-----</div><font color="#666666" face="arial, helvetica, sans-serif" size="4">Tim Owens<br></font></div><div><br></div></div></div>
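<div>Added example, not part of the original message and not code from Fail2ban or WP-fail2ban: a sketch of the decision logic described above, run over constructed auth-log lines, showing why a per-IP threshold misses a distributed attack that a per-range count catches. The log message wording, the thresholds and the /24 and /64 range sizes are assumptions.</div>

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Constructed sample lines; the message wording is an assumed WP-fail2ban-style format.
SAMPLE_LOG = """\
May 26 15:01:02 web1 wordpress(classes.example.edu)[2211]: Authentication failure for admin from 192.0.2.10
May 26 15:01:03 web1 wordpress(classes.example.edu)[2211]: Authentication failure for jsmith from 198.51.100.7
May 26 15:01:04 web1 wordpress(classes.example.edu)[2212]: XML-RPC authentication failure for editor from 203.0.113.5
May 26 15:01:05 web1 wordpress(classes.example.edu)[2212]: Authentication failure for editor from 203.0.113.18
May 26 15:01:06 web1 wordpress(classes.example.edu)[2213]: Authentication failure for mlee from 203.0.113.77
May 26 15:01:07 web1 wordpress(classes.example.edu)[2213]: XML-RPC authentication failure for mlee from 203.0.113.140
May 26 15:01:08 web1 sshd[900]: Accepted publickey for deploy from 192.0.2.200 port 50022 ssh2
May 26 15:01:09 web1 wordpress(classes.example.edu)[2214]: Authentication failure for jsmith from 198.51.100.7
"""

FAILURE = re.compile(
    r"wordpress\([^)]*\)\[\d+\]: (?:XML-RPC )?[Aa]uthentication failure for (?P<user>\S+) from (?P<ip>\S+)$"
)
BLOCKED_USERS = {"admin", "administrator"}  # usernames denied on the first attempt
PER_IP_LIMIT = 3   # assumed: failures from one address before it is banned
PER_NET_LIMIT = 4  # assumed: distinct failing addresses in one range before the range is banned

def network_of(ip):
    """Group IPv4 addresses by /24 and IPv6 addresses by /64 (assumed range sizes)."""
    prefix = 24 if ip.version == 4 else 64
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def decide_bans(log_text):
    """Return (banned_ips, banned_nets) as sets of strings for the given log text."""
    per_ip = Counter()
    ips_per_net = defaultdict(set)
    banned_ips = set()
    for line in log_text.splitlines():
        m = FAILURE.search(line)
        if not m:
            continue  # not a WordPress login failure (e.g. the sshd line)
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # malformed address field: never pass it on to a firewall rule
        per_ip[ip] += 1
        ips_per_net[network_of(ip)].add(ip)
        if m["user"].lower() in BLOCKED_USERS or per_ip[ip] >= PER_IP_LIMIT:
            banned_ips.add(str(ip))
    banned_nets = {str(n) for n, ips in ips_per_net.items() if len(ips) >= PER_NET_LIMIT}
    return banned_ips, banned_nets
```

<div>In the sample, the four 203.0.113.x addresses each fail only once, so none reaches the per-IP limit, yet the range as a whole is flagged.</div>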
<br><div class="gmail_quote">On Tue, May 26, 2015 at 3:54 PM, Ryan Kite <span dir="ltr">&lt;<a href="mailto:rkite@yvcc.edu" target="_blank">rkite@yvcc.edu</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">



<div style="word-wrap:break-word;color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<div>
<div>
<div>Have you tried Wordfence? Free plugin works great for locking things down.</div>
<div>
<div></div>
</div>
</div>
</div>
<div><br>
</div>
<span>
<div style="font-family:Calibri;font-size:12pt;text-align:left;color:black;BORDER-BOTTOM:medium none;BORDER-LEFT:medium none;PADDING-BOTTOM:0in;PADDING-LEFT:0in;PADDING-RIGHT:0in;BORDER-TOP:#b5c4df 1pt solid;BORDER-RIGHT:medium none;PADDING-TOP:3pt">
<span style="font-weight:bold">From: </span>wp-edu on behalf of Joseph Ugoretz<br>
<span style="font-weight:bold">Reply-To: </span>"Low-traffic list discussing WordPress in education."<br>
<span style="font-weight:bold">Date: </span>Tuesday, May 26, 2015 at 12:50 PM<br>
<span style="font-weight:bold">To: </span>"Low-traffic list discussing WordPress in education."<br>
<span style="font-weight:bold">Subject: </span>Re: [wp-edu] About to give up<br>
</div><div><div class="h5">
<div><br>
</div>
<div>
<div style="word-wrap:break-word">
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
So sorry to hear about this Darcy!</div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
<br>
</div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
We’ve kept things up to date and secure for about seven years now, but I know you don’t want to hear that!</div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
<br>
</div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
I have heard many very good reports about Sucuri <a href="https://sucuri.net/wordpress-security/wordpress-security-monitoring" target="_blank">https://sucuri.net/wordpress-security/wordpress-security-monitoring</a></div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
both for ongoing monitoring and for cleanup once the problem is happening.</div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
<br>
</div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
For hosting, I think (especially if you don’t have real support), the folks at Reclaim Hosting are going to be a lot better support and caretaking.</div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
<br>
</div>
<div style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">
<br>
</div>
<div>
<div style="font-family:helvetica,arial;font-size:13px">-- <br>
<div style="font-family:'helvetica Neue',helvetica">
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">
Joseph Ugoretz, PhD</p>
</div>
<div style="font-family:'helvetica Neue',helvetica">
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">
Associate Dean</p>
</div>
<div style="font-family:'helvetica Neue',helvetica">
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">
Teaching, Learning and Technology</p>
</div>
<div style="font-family:'helvetica Neue',helvetica">
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">
Macaulay Honors College</p>
</div>
<div style="font-family:'helvetica Neue',helvetica">
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">
City University of New York</p>
</div>
<div style="font-family:'helvetica Neue',helvetica">
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">
<a href="http://macaulay.cuny.edu/" style="color:purple" target="_blank">macaulay.cuny.edu</a></p>
</div>
</div>
</div>
<br>
<p style="color:#000">On May 26, 2015 at 3:43:49 PM, Darcy Greene (<a href="mailto:greened@msu.edu" target="_blank">greened@msu.edu</a>) wrote:</p>
<blockquote type="cite"><span>
<div style="word-wrap:break-word">
<div></div>
<div>

<div>
<div><font color="#000000">Hi fellow WordPress multisite users</font><br>
</div>
<div><font color="#000000"><br>
</font></div>
<div>We have been using WordPress multisite with our School of Journalism class sites for the past five years. It seems that we have finally lost the battle with plugins and updates. Security is breached, unexplained traffic is taking down the servers
 and nothing is reliable. The competent people who did the original install are long gone. </div>
<div><br>
</div>
<div>Have any of you faced similar problems with an old WPMS network? Do you have an outside host that keeps things running smoothly? Have you changed to a new system?</div>
<div><br>
</div>
<div>Thanks for your feedback.</div>
<div><br>
</div>
<div>Best,</div>
<div><br>
</div>
<div>Darcy</div>
<br>
<div><span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;float:none;display:inline!important">_______________________________________________</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;float:none;display:inline!important">wp-edu
 mailing list</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<a href="mailto:wp-edu@lists.automattic.com" style="color:purple;text-decoration:underline;font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">wp-edu@lists.automattic.com</a><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<a href="http://lists.automattic.com/mailman/listinfo/wp-edu" style="color:purple;text-decoration:underline;font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">http://lists.automattic.com/mailman/listinfo/wp-edu</a></div>
</div>
<br>
</div>
</div>
</span></blockquote>
</div>
</div>
</div></div></span>
</div>

<br></blockquote></div><br></div></div>