[wp-hackers] Limit Login Attempts
dc153464a11bcf5aeb18180db28017fb.wp-hackers at planetmike.com
Tue Apr 16 16:31:35 UTC 2013
I just ran 10 IP addresses through the Spamhaus IP checker, and 6 of
them were blocked by the XBL list, two by the CBL. Looking at my server
logs, I've got a collection of 781 addresses collected in the past two
weeks, and early 3,000 collected in the last 3 months. Mike
On Tue, 16 Apr 2013 17:10:32 +0100, David Anderson wrote:
> I wonder if Spamhaus's XBL - http://www.spamhaus.org/xbl/ - would help.
> Does anyone have a sample list of IP addresses involved in the
> current attacks? Fancy checking them against the XBL? What percentage
> would be blocked if you deployed a plugin that blocks IP addresses on
> the XBL from logging in?
> On 16/04/13 16:59, David Anderson wrote:
>> With the present attacks, per-IP blocks are not necessarily
>> effective, because the attackers have vast numbers of IPs.
>> The attack is distributed. So why shouldn't we build a distributed defence?
>> Produce a plugin that, before allowing login, verifies the
>> connecting IP against a source in the cloud. All that's needed is
>> someone to provide that source in the cloud. "Dear cloud - what do
>> you think of that IP" "Well, that IP has had A failed logins on B
>> different WordPress sites in C different countries in the last D
>> minutes" (tweak accordingly to have a sensible algorithm, etc.).
>> That's a gap in the market for someone to earn some community
>> credit, or money, from.
Christmas Music 24 Hours a Day, 7 Days a week
"Injustice anywhere is a threat to justice everywhere."
- Martin Luther King Jr.
More information about the wp-hackers