[wp-hackers] [OT] Resources for Defending Against Blog Attacks

Chris Williams chris at clwill.com
Wed Aug 8 16:20:38 GMT 2007

I am the (moderately experienced) webmaster for three blogs that are being
ruthlessly attacked.  I've Googled and searched the WP support forums but I
feel I need the expertise of the elite company herein.  Please forgive me if
this is ridiculously off-topic here.

The sites I'm responsible for are owned by three women who speak for women
and women's issues.  They are being besieged by misogynist idiots.  The
jerks moved on from truly sick comment storms to DDoS attacks designed to
chase them from their shared hosts.  That succeeded and I mitigated the
problem by using a dedicated server, judicious performance tuning (light
theme, caching, etc.), and some good defenses.  Not only did this help with
these clowns, but it also had the side benefit of allowing them to easily
handle Diggs, and mentions in the New York Times.

Then, after a month or so, the attackers moved on to more insidious attacks.
Recently they managed to chase us from the dedicated host by some other
means.  Some program got on the server and chewed up all the memory and CPU
time, grinding the server to its knees despite quite modest web traffic.
The logs showed nothing funny, there was no logging into the root I could
uncover, I could find no programs installed in temp directories, etc.
Without restarting the blog again only to fail quite publicly and
embarrassingly, I can't analyze the problem in more detail.

We retreated to Blogger so I could take the time to move to a new host.  The
old host was beyond useless, taking as much as three days to respond to a
simple email request for assistance, running literally ancient versions
(Fedora 4!) and forbidding me from upgrading, etc. (let me know if you want
to know their name).

I'm in the process of setting up a new machine on a better host and I need
advice from the experts here.  I am surely going to run all the requisite
performance tuning goodies, but I'm looking for more security-related help.
Are there good resources, check-lists, etc. that you know of that will help
me ensure that this new server will not suffer the same fate?  Even better
would be some form of audit program that would point out my machine's holes
and weaknesses.  I'd even be willing to hire a bright star on a contingent
basis to help in this effort.

As this is clearly off-topic from WP core code, please respond to me
directly off-list if you can provide any advice and counsel.

Thank you in advance for your help,

