[wp-hackers] Limit Login Attempts

Michael Clark dc153464a11bcf5aeb18180db28017fb.wp-hackers at planetmike.com
Tue Apr 16 16:31:35 UTC 2013

I just ran 10 IP addresses through the Spamhaus IP checker, and 6 of 
them were blocked by the XBL list, two by the CBL. Looking at my server 
logs, I've got a collection of 781 addresses collected in the past two 
weeks, and early 3,000 collected in the last 3 months. Mike

On Tue, 16 Apr 2013 17:10:32 +0100, David Anderson wrote:
> I wonder if Spamhaus's XBL - http://www.spamhaus.org/xbl/ - would help.
> Does anyone have a sample list of IP addresses involved in the 
> current attacks? Fancy checking them against the XBL? What percentage 
> would be blocked if you deployed a plugin that blocks IP addresses on 
> the XBL from logging in?
> David
> On 16/04/13 16:59, David Anderson wrote:
>> With the present attacks, per-IP blocks are not necessarily 
>> effective, because the attackers have vast numbers of IPs.
>> The attack is distributed. So why shouldn't we build a distributed defence?
>> Produce a plugin that, before allowing login, verifies the 
>> connecting IP against a source in the cloud. All that's needed is 
>> someone to provide that source in the cloud. "Dear cloud - what do 
>> you think of that IP" "Well, that IP has had A failed logins on B 
>> different WordPress sites in C different countries in the last D 
>> minutes" (tweak accordingly to have a sensible algorithm, etc.).
>> That's a gap in the market for someone to earn some community 
>> credit, or money, from.


Michael Clark

Christmas Music 24 Hours a Day, 7 Days a week

"Injustice anywhere is a threat to justice everywhere."
 - Martin Luther King Jr.

More information about the wp-hackers mailing list