Page 1 of 2 12 LastLast
Results 1 to 20 of 24
  1. #1
    CHIC21 is offline Public Member
    Join Date
    April 2021
    Posts
    31
    Thanks
    8
    Thanked 1 Time in 1 Post

    Default Advise on plugins to block spammers from a WP site

    Hello, please advise on plugins to block spammers from a WP site. Tired of spam + attempts to break through the admin panel.

  2. #2
    nwalker is offline Private Member
    Join Date
    June 2013
    Location
    England
    Posts
    419
    Thanks
    123
    Thanked 315 Times in 182 Posts

    Default

    Quote Originally Posted by CHIC21 View Post
    Hello, please advise on plugins to block spammers from a WP site. Tired of spam + attempts to break through the admin panel.
    Wordfence.
    www.livecasinocomparer.com - Find and compare the best online Live Casinos

  3. The Following User Says Thank You to nwalker For This Useful Post:

    CHIC21 (27 April 2021)

  4. #3
    chaumi is online now Private Member
    Join Date
    October 2013
    Location
    East Midlands
    Posts
    599
    Thanks
    81
    Thanked 243 Times in 195 Posts

  5. The Following User Says Thank You to chaumi For This Useful Post:

    CHIC21 (27 April 2021)

  6. #4
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    27,512
    Thanks
    2,062
    Thanked 7,808 Times in 4,924 Posts

    Default

    I personally like WP Cerber
    https://wordpress.org/plugins/wp-cerber/

    Also another popular one is All In One Wordpress Security
    https://wordpress.org/plugins/all-in...-and-firewall/

    As recommended above
    https://wordpress.org/plugins/wordfence/

    No doubt those 3 are the most popular.
    For best practices in ANY security plugin, be sure to whitelist your own IP as soon as you activate it, if they support it.

    Rick
    Universal4

  7. The Following 2 Users Say Thank You to universal4 For This Useful Post:

    CHIC21 (27 April 2021), rmeeuwsen (27 April 2021)

  8. #5
    newcustomeroffer is offline Public Member
    Join Date
    January 2018
    Location
    United Kingdom
    Posts
    315
    Thanks
    43
    Thanked 140 Times in 100 Posts

    Default

    Defender Pro is worth a look; it has some good IP blocking and automatic lockout features.

  9. The Following User Says Thank You to newcustomeroffer For This Useful Post:

    CHIC21 (27 April 2021)

  10. #6
    baldidiot is offline Private Member
    Join Date
    January 2010
    Posts
    4,314
    Thanks
    406
    Thanked 1,975 Times in 1,302 Posts

    Default

    Another vote for Wordfence here - seems to do the job if you have it set up well (e.g. change the login name and block any IP of someone trying to log in as admin, etc.).
    onlinegamblingwebsites.com - Formally known as goodbonusguide.

  11. The Following User Says Thank You to baldidiot For This Useful Post:

    CHIC21 (27 April 2021)

  12. #7
    CHIC21 is offline Public Member
    Join Date
    April 2021
    Posts
    31
    Thanks
    8
    Thanked 1 Time in 1 Post

    Default

    Thanks all for the answers.

  13. #8
    CHIC21 is offline Public Member
    Join Date
    April 2021
    Posts
    31
    Thanks
    8
    Thanked 1 Time in 1 Post

    Default

    By the way, I forgot to tell you: once a friend of mine, a system administrator, wanted to write a script that did the following. For those who DDoS our site, the moment they accessed it or the admin panel, a script would be downloaded that began to unpack or pack without stopping, i.e. an endless archiver that crammed all the space on the disk. But he never finished it, as Cloudflare and their restriction on countries closed it off.

    Has anyone done something like this?

  14. #9
    Michael Martinez is offline Public Member
    Join Date
    March 2017
    Location
    USA
    Posts
    76
    Thanks
    8
    Thanked 47 Times in 28 Posts

    Default

    Just use a plugin that renames the wp-login.php script. It puts less strain on your server resources than all these PHP-based firewalls.

  15. #10
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    27,512
    Thanks
    2,062
    Thanked 7,808 Times in 4,924 Posts

    Default

    Michael is correct.

    Most of the plugins listed above will help to move or rename the admin login; in addition, a few of them will track and/or block the IP address of those script kiddies looking for the admin login at the default locations. You will have the choice of how long that block remains.

    Rick
    Universal4

  16. The Following User Says Thank You to universal4 For This Useful Post:

    CHIC21 (29 April 2021)

  17. #11
    baldidiot is offline Private Member
    Join Date
    January 2010
    Posts
    4,314
    Thanks
    406
    Thanked 1,975 Times in 1,302 Posts

    Default

    Renaming the login page is what's referred to as security through obscurity.

    It's fine to do it in addition to other security measures, but I wouldn't rely on it as your only protection - it's like hiding your front door rather than properly securing it.

    Besides, this only protects against brute force attacks. It won't protect against scrapers, spammers, badly written bots, injection attacks or other WP vulnerabilities.
    onlinegamblingwebsites.com - Formally known as goodbonusguide.

  18. The Following User Says Thank You to baldidiot For This Useful Post:

    CHIC21 (29 April 2021)

  19. #12
    CHIC21 is offline Public Member
    Join Date
    April 2021
    Posts
    31
    Thanks
    8
    Thanked 1 Time in 1 Post

    Default

    Quote Originally Posted by Michael Martinez View Post
    Just use a plugin that renames the wp-login.php script. It puts less strain on your server resources than all these PHP-based firewalls.
    I'll try. Thanks.

  20. #13
    CHIC21 is offline Public Member
    Join Date
    April 2021
    Posts
    31
    Thanks
    8
    Thanked 1 Time in 1 Post

    Default

    Quote Originally Posted by baldidiot View Post
    Renaming the login page is what's referred to as security through obscurity.

    It's fine to do it in addition to other security measures, but I wouldn't rely on it as your only protection - it's like hiding your front door rather than properly securing it.

    Besides, this only protects against brute force attacks. It won't protect against scrapers, spammers, badly written bots, injection attacks or other WP vulnerabilities.
    That is why there was an idea to develop a type of trap for them, because the Cloudflare cache was stuffed up to 40-50 GB in a couple of hours. There were about 2-3 million requests per second. Unfortunately, they also hammered the mail server. As a result, neither WordPress nor the server (

  21. #14
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    27,512
    Thanks
    2,062
    Thanked 7,808 Times in 4,924 Posts

    Default

    Quote Originally Posted by CHIC21 View Post
    That is why there was an idea to develop a type of trap for them, because the Cloudflare cache was stuffed up to 40-50 GB in a couple of hours. There were about 2-3 million requests per second. Unfortunately, they also hammered the mail server. As a result, neither WordPress nor the server (
    This is one of the reasons many of the suggested plugins allow you to select the behavior of what happens to the IP of the offending invalid login attempts.

    Auto-blocking the IP would "potentially" reduce the millions, because those attempts would have to rotate through the IP lists they use, and in many of the default cases they would move to another target quicker.

    Like baldidiot stated, this is mostly the part that covers basic brute force attacks, but my guess is a lot of the 40-50 gig you saw was exactly that hitting the default wordpress login page.

    Rick
    Universal4

  22. #15
    baldidiot is offline Private Member
    Join Date
    January 2010
    Posts
    4,314
    Thanks
    406
    Thanked 1,975 Times in 1,302 Posts

    Default

    You can also rate limit the traffic and either throttle or ban IPs that exceed the rate.

    Off the top of my head I think something like 120 requests a minute is sufficient to allow the search bots to not be impeded but kicks off anyone that's too aggressive.
    onlinegamblingwebsites.com - Formally known as goodbonusguide.
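As an added illustration of the two controls discussed in the posts above (auto-blocking the source of repeated failed admin logins, and throttling or banning anyone who goes over roughly 120 requests a minute, with your own IP allowlisted first), here is a small sliding-window guard replayed over a constructed access log. It is example code written for this page, not code from Wordfence, WP Cerber or any other plugin named in the thread. The thresholds (120/min throttle, 300/min ban, 5 failed logins), the 60-second window and the sample traffic are assumptions; the addresses are RFC 5737 documentation ranges.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Apache "combined" log line: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Return (ip, datetime, method, path, status) or None for a non-matching line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m['ts'], '%d/%b/%Y:%H:%M:%S %z')
    return m['ip'], ts, m['method'], m['path'], int(m['status'])


class Guard:
    """Per-IP sliding-window rate limiter plus failed-login counter.

    Thresholds are assumptions for the demo: above `rpm_throttle` requests per
    window the client is throttled, above `rpm_ban` it is banned, and
    `login_fails` failed wp-login.php POSTs ban the source outright.
    """

    def __init__(self, rpm_throttle=120, rpm_ban=300, login_fails=5,
                 window=60, allowlist=()):
        self.rpm_throttle = rpm_throttle
        self.rpm_ban = rpm_ban
        self.login_fails = login_fails
        self.window = timedelta(seconds=window)
        self.allowlist = set(allowlist)   # your own IPs: never blocked
        self.hits = defaultdict(deque)    # ip -> timestamps still inside the window
        self.fails = defaultdict(int)     # ip -> failed login POSTs seen
        self.banned = {}                  # ip -> reason

    def decide(self, ip, ts, method, path, status):
        if ip in self.allowlist:
            return 'allow'
        if ip in self.banned:
            return 'ban'
        q = self.hits[ip]
        q.append(ts)
        while ts - q[0] >= self.window:   # drop requests that left the window
            q.popleft()
        # WordPress answers a failed login POST with 200 (form re-rendered) and a
        # successful one with a 302 redirect, so POST + 200 on wp-login.php is a failure.
        if path.startswith('/wp-login.php') and method == 'POST' and status == 200:
            self.fails[ip] += 1
            if self.fails[ip] >= self.login_fails:
                self.banned[ip] = 'login'
                return 'ban'
        if len(q) > self.rpm_ban:
            self.banned[ip] = 'rate'
            return 'ban'
        if len(q) > self.rpm_throttle:
            return 'throttle'
        return 'allow'


def run(lines, **guard_kwargs):
    """Replay log lines through a Guard; return ({ip: {decision: count}}, {ip: ban reason})."""
    guard = Guard(**guard_kwargs)
    report = defaultdict(lambda: defaultdict(int))
    for line in lines:
        rec = parse_line(line)
        if rec is not None:
            report[rec[0]][guard.decide(*rec)] += 1
    return {ip: dict(c) for ip, c in report.items()}, dict(guard.banned)


# --- constructed sample traffic (documentation addresses, not real logs) ---
def make_lines(ip, start, n, method, path, status, per_second):
    fmt = '%d/%b/%Y:%H:%M:%S %z'
    return [
        f'{ip} - - [{(start + timedelta(seconds=i // per_second)).strftime(fmt)}] '
        f'"{method} {path} HTTP/1.1" {status} 512 "-" "Mozilla/5.0"'
        for i in range(n)
    ]


T0 = datetime(2021, 4, 27, 10, 0, 0, tzinfo=timezone.utc)
SAMPLE_LINES = (
    make_lines('203.0.113.7', T0, 400, 'GET', '/?s=x', 200, 10)            # scraper, 10 req/s
    + make_lines('198.51.100.23', T0, 6, 'POST', '/wp-login.php', 200, 1)  # password guessing
    + make_lines('192.0.2.10', T0, 200, 'GET', '/wp-admin/', 200, 10)      # site owner, allowlisted
    + make_lines('198.51.100.5', T0, 10, 'GET', '/', 200, 1)               # ordinary visitor
)

if __name__ == '__main__':
    report, banned = run(SAMPLE_LINES, allowlist={'192.0.2.10'})
    for ip, counts in report.items():
        print(ip, counts, '-> banned:', banned.get(ip, '-'))
```

Replaying the sample, the scraper at 203.0.113.7 is allowed for its first 120 requests, throttled for the next 180 and banned from the 301st onward; the password guesser at 198.51.100.23 is banned on its fifth failed POST; the allowlisted owner is never touched. In a real deployment the ban list belongs somewhere cheap to consult (fail2ban, the web server, or an upstream WAF) rather than in a WordPress table, and the window state should be per-IP and bounded exactly as the deque is here, or the guard itself becomes the thing that exhausts memory under a flood.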

  23. #16
    Michael Martinez is offline Public Member
    Join Date
    March 2017
    Location
    USA
    Posts
    76
    Thanks
    8
    Thanked 47 Times in 28 Posts

    Default

    It's best to use a proper firewall that operates either at the server level or independently of the server. But if people don't control their servers they're stuck with the plugin solution.

    If you've got spammers leaving comments on a WordPress blog, sign up for Akismet. It kills most comment and feedback form spam. Millions of people use it and a lot of the spam is trapped before you ever see it. You can set it to be aggressive and delete probable spam before you see it or you can set it to move probable spam to the Spam folders, where you can review it later for false positives.

    Renaming wp-login.php doesn't JUST protect you from brute force attacks. It reduces server load because all those attacks get 404 responses. The server isn't trying to process bogus login attempts.

    The automatic firewall detection and blocking of IP addresses works faster at the server level and creates less of a load. But neither the server-level nor the plugin-level firewalls can do anything about the botnets that use smartphone proxies from around the world to randomly hit your site.

    Botnets probe sites for a variety of URLs, most of which are never found on WordPress sites. There are thousands of Content Management Systems and other Web platforms that can be hacked. The probes come in and look for the URLs, flagging sites that respond to those requests with a 200 status code for later abuse. So your firewalls are less likely to detect them and block them (and blocking the IP addresses for 12-24 hours won't help anyway).

    Then you have the rogue crawlers pretending to be Googlebot. They may be scrapers but most of them are "link research" tools, scanning your site for links pointing to other sites. They'll come in from a variety of Web servers, home IP addresses, business IP addresses, cloud hosting services, and sometimes even through the mobile proxy services. Firewalls MIGHT catch these but a lot of the time they don't.

    The sneakiest fake Googlebots come in from Google's cloud services. Inexperienced people look up the IP addresses and see they belong to Google and assume they must be real Googlebots, but in fact they're not.

    The smartphone proxies are the worst. People around the world can sign up for services that pay them for use of their cellular time. Their phones are leased out to customers who want to hit Websites from a variety of IP addresses, thus bypassing the firewalls most sites rely on.

    I've studied a lot of Website traffic. I've found that about 50% of the typical site's visits come from botnets, most of which are never blocked by firewalls. If you're on shared hosting, chances are very good your ISP already has a firewall in place. Their firewalls are configured to automatically block aggressive IP addresses. Site owners occasionally trigger these blocks themselves, and then they have to call their ISPs and ask that they be whitelisted.

    If you lease or co-locate your own server, or serve your sites from your own data center, you need to manage your own firewalls.

    So while WordPress security plugins are helpful, they are - like everything else - limited solutions. If a site is being hit hard over time the firewall needs to be managed by someone who can invest the time to review the traffic and analyze it.

    Some legitimate visitors come through Web servers - they're VPNs and proxy servers. But most server-based traffic is just chewing up your site, looking for stuff you don't need those tools to find.

  24. The Following 4 Users Say Thank You to Michael Martinez For This Useful Post:

    chaumi (30 April 2021), CHIC21 (30 April 2021), gm2891 (30 April 2021), universal4 (30 April 2021)
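The "fake Googlebot from Google's cloud" point above has a definitive check that a plain IP lookup does not give: Google's documented method is a reverse DNS lookup of the client address, a suffix check on the resulting hostname, and then a forward lookup of that hostname that must return the original address. A fake crawler can set its own PTR record to say googlebot.com, but it cannot make Google's forward zone resolve that name back to its IP, and a Google Cloud VM resolves to googleusercontent.com, which is not a crawler domain. The block below is example code added for this page, not part of any plugin or of Google's software; the DNS tables are constructed so that it runs offline (documentation addresses, invented hostnames that only follow the real naming patterns), and the live resolver functions are provided for real use.

```python
import socket
from functools import lru_cache

# Hostname suffixes Google documents for its crawlers; anything else, including
# googleusercontent.com (Google Cloud customer VMs), is not Googlebot.
GOOGLE_CRAWLER_SUFFIXES = ('.googlebot.com', '.google.com')


def verify_crawler(ip, reverse, forward, suffixes=GOOGLE_CRAWLER_SUFFIXES):
    """Double-reverse-DNS check.

    reverse(ip) -> PTR hostname or None; forward(hostname) -> set of addresses.
    Returns ('verified', hostname) or ('reject', reason).
    """
    host = reverse(ip)
    if not host:
        return 'reject', 'no PTR record'
    host = host.rstrip('.').lower()
    if not host.endswith(suffixes):
        return 'reject', f'PTR {host} is not a Google crawler hostname'
    # Whoever controls reverse DNS for a range can point its PTR at googlebot.com;
    # only Google can make the forward lookup of that name return the same IP.
    if ip not in forward(host):
        return 'reject', f'forward lookup of {host} does not return {ip}'
    return 'verified', host


# Live resolvers for real traffic (cached: one lookup per IP, not per request).
@lru_cache(maxsize=4096)
def live_reverse(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None


@lru_cache(maxsize=4096)
def live_forward(host):
    try:
        return frozenset(r[4][0] for r in socket.getaddrinfo(host, None))
    except socket.gaierror:
        return frozenset()


# Constructed DNS tables so the demo runs offline (not real records).
FAKE_PTR = {
    '203.0.113.7': 'crawl-203-0-113-7.googlebot.com.',      # genuine: forward confirms
    '203.0.113.8': 'crawl-203-0-113-8.googlebot.com.',      # spoofed PTR: forward does not
    '203.0.113.9': '9.113.0.203.bc.googleusercontent.com.',  # Google Cloud VM, not a crawler
    '198.51.100.4': None,                                    # no reverse DNS at all
}
FAKE_A = {
    'crawl-203-0-113-7.googlebot.com': {'203.0.113.7'},
    '9.113.0.203.bc.googleusercontent.com': {'203.0.113.9'},
}


def fake_reverse(ip):
    return FAKE_PTR.get(ip)


def fake_forward(host):
    return FAKE_A.get(host, set())


def classify(ips, reverse=fake_reverse, forward=fake_forward):
    """Map each IP that claims to be Googlebot to its (verdict, detail)."""
    return {ip: verify_crawler(ip, reverse, forward) for ip in ips}


if __name__ == '__main__':
    for ip, (verdict, detail) in classify(FAKE_PTR).items():
        print(f'{ip:14} {verdict:9} {detail}')
```

Only run this for requests whose User-Agent claims to be Googlebot, and cache the verdict per IP: two DNS round trips per request would be its own denial-of-service problem. The same check works for Bingbot with `('.search.msn.com',)` as the suffix list. A verified crawler is the one class of client worth exempting from a site-wide rate limit; an unverified one gets treated like any other bot.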

  25. #17
    CHIC21 is offline Public Member
    Join Date
    April 2021
    Posts
    31
    Thanks
    8
    Thanked 1 Time in 1 Post

    Default

    Yes, that's probably what happened.


    Quote Originally Posted by universal4 View Post
    This is one of the reasons many of the suggested plugins allow you to select the behavior of what happens to the ip of the offending invalid login attempts.

  26. #18
    CHIC21 is offline Public Member
    Join Date
    April 2021
    Posts
    31
    Thanks
    8
    Thanked 1 Time in 1 Post

    Default

    Quote Originally Posted by Michael Martinez View Post
    It's best to use a proper firewall that operates either at the server level or independently of the server. But if people don't control their servers they're stuck with the plugin solution.
    Thank you for the detailed response

  27. #19
    AussieDave is offline Public Member
    Join Date
    November 2005
    Location
    from the land downunder
    Posts
    3,940
    Blog Entries
    1
    Thanks
    1,578
    Thanked 1,813 Times in 1,027 Posts

    Default

    Quote Originally Posted by Michael Martinez View Post
    It's best to use a proper firewall that operates either at the server level or independently of the server. But if people don't control their servers they're stuck with the plugin solution.
    Agreed... However, it seems the majority of affiliates these days are not code savvy and instead only use plugins etc., etc. And it seems most are using shared hosting. Ironically, if the majority could code, the forums wouldn't be clogged up with plugin questions.

    Over and above the firewall scenario, the problem with using a WP security plugin is... each and every IP blocked is added to your database.

    I think a LOT of non-techie people will be surprised by how much of their site visits are not real people from real ISPs, but instead... spammers, script kiddies, scrapers, brute force login attempts, automated WP hacker bots etc.

    Hacker bot networks, for example, can easily have in excess of 1 million IPs at their disposal.

    That's a LOT of IP data added to your WP database.

    If you're on shared hosting, or have limited resources, pretty soon your DB will fill up and start to degrade your site's performance.

    FYI... there are far better solutions than WP plugins.

    Here's a few tips:
    • Move your WP config file above your root folder
    • Use an htaccess file (coding) in the root folder to prevent viewing all folders' contents
    • Add an htaccess file to the wp-admin folder, using the coding "deny from all, allow from (your IP only)"

    If you're not coding savvy, there are plenty of WP help sites which provide help implementing the above recommendations.

    Reiterating, WP plugins are not always the best or optimal solution. In fact, most times they are your worst WP enemy.

    My advice... learn basic HTML, PHP and CSS.
    Knowing these skills could very well reduce your plugin addiction to only having to use a few. Using 10, 15, 20, 30 or more WP plugins is insane...
    Last edited by AussieDave; 4 May 2021 at 3:46 pm.
    ---
    Compliance: a code word for control

    ---
    Do the right thing, even when no one is looking. It's called integrity.
    ---

    It's your right to be treated honestly: fairness for all igaming affiliates - doch.news
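The three tips in the post above, written out as Apache 2.4 `.htaccess` files. This is an added example for this page, not configuration from the post's author or from WordPress; the paths and the two client addresses (192.0.2.10, 198.51.100.0/24) are placeholders. Two caveats the tips leave out: `admin-ajax.php` lives under `wp-admin/` but is called by themes and plugins on behalf of anonymous visitors, so locking the whole folder to your IP silently breaks those features unless you re-open that one file; and `wp-login.php` sits in the document root, not in `wp-admin/`, so this does nothing against login brute force on its own.

```apache
# --- /var/www/example.com/public/.htaccess  (the WordPress document root) ---

# Tip 2: never list the contents of folders that have no index file.
Options -Indexes

# Tip 1: wp-config.php has been moved one level up, to
# /var/www/example.com/wp-config.php. WordPress reads it from the parent
# directory automatically when it is absent from the root; deny any copy
# that is accidentally left behind.
<Files "wp-config.php">
    Require all denied
</Files>


# --- /var/www/example.com/public/wp-admin/.htaccess ---

# Tip 3: only your own addresses may reach the dashboard. Apache 2.4 syntax;
# on 2.2 the equivalent is "Order deny,allow / Deny from all / Allow from 192.0.2.10".
# Replace the placeholders with the addresses you actually administer from.
Require ip 192.0.2.10 198.51.100.0/24

# admin-ajax.php is requested by front-end code for every visitor, logged in
# or not; keep it reachable or those theme/plugin features stop working.
<Files "admin-ajax.php">
    Require all granted
</Files>
```

One more thing to check before relying on `Require ip`: behind Cloudflare (which the original poster uses) Apache sees Cloudflare's edge address as the client unless mod_remoteip is configured with `RemoteIPHeader CF-Connecting-IP` and `RemoteIPTrustedProxy` entries for Cloudflare's published ranges. Without that, the rule above locks everyone out, including you, or, if you allowlist the edge range instead, lets everyone in.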

  28. #20
    CHIC21 is offline Public Member
    Join Date
    April 2021
    Posts
    31
    Thanks
    8
    Thanked 1 Time in 1 Post

    Default

    Thanks for the answer. Namely, the problem with the database overflow was the same. And the hosting resources couldn't stand it anymore.

    Quote Originally Posted by AussieDave View Post
    Agreed... However, it seems the majority of affiliates these days are not code savvy and instead only use plugins etc., etc. And it seems most are using shared hosting. Ironically, if the majority could code, the forums wouldn't be clogged up with plugin questions.

    Over and above the firewall scenario, the problem with using a WP security plugin is... each and every IP blocked is added to your database.

    I think a LOT of non-techie people will be surprised by how much of their site visits are not real people from real ISPs, but instead... spammers, script kiddies, scrapers, brute force login attempts, automated WP hacker bots etc.

    Hacker bot networks, for example, can easily have in excess of 1 million IPs at their disposal.

    That's a LOT of IP data added to your WP database.

    If you're on shared hosting, or have limited resources, pretty soon your DB will fill up and start to degrade your site's performance.

    FYI... there are far better solutions than WP plugins.

    Here's a few tips:
    • Move your WP config file above your root folder
    • Use an htaccess file (coding) in the root folder to prevent viewing all folders' contents
    • Add an htaccess file to the wp-admin folder, using the coding "deny from all, allow from (your IP only)"

    If you're not coding savvy, there are plenty of WP help sites which provide help implementing the above recommendations.

    Reiterating, WP plugins are not always the best or optimal solution. In fact, most times they are your worst WP enemy.

    My advice... learn basic HTML, PHP and CSS; knowing those could very well reduce your plugin addiction to only having to use a few (less than 7).
