  1. #21
    MegaFreeChips is offline Public Member
    Join Date
    September 2015
    Posts
    22
    Thanks
    4
    Thanked 10 Times in 9 Posts

    To add a superior security layer to your login page:

    1. Add 2FA (two-factor authentication).
    2. Restrict IPs to your login page through your web server's configuration (or any security product you are using), so only whitelisted IPs can get there.

    This way, no hacker can even get close to try brute-forcing your login page.

  2. The Following User Says Thank You to MegaFreeChips For This Useful Post:

    alin04 (2 December 2015)

  3. #22
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    28,138
    Thanks
    2,260
    Thanked 7,954 Times in 5,018 Posts

    The problem with whitelisting (and I am actually all for it and whitelist server access on my rack) is that a lot of people, especially in Europe, get dynamic IP addresses from their providers.

    (In fact many in the UK think it is a good thing to be able to reboot their equipment and get an IP that the spammer or hacker down the street had yesterday, but oh well... that is a different discussion.)

    This can cause an issue, since if you have a different IP today than you did yesterday, you will not be able to get back in to whitelist the new IP.

    I personally think ISPs should stop the practice of constantly changing IPs for their users and just go ahead and allow the DHCP servers to extend reservations and auto-renew them. Hackers and spammers would be more successfully blocked, ISPs would have fewer routing issues, and they would spend far less time trying to figure out who on their networks is performing the brute force attacks and could actually take action with some teeth....

    If anyone pays the few extra dollars their ISP requests for a fixed IP then whitelisting is a great function.

    Rick
    Universal4

  4. The Following User Says Thank You to universal4 For This Useful Post:

    -Shay- (2 December 2015)

  5. #23
    Ares is offline Public Member
    Join Date
    September 2014
    Posts
    177
    Blog Entries
    6
    Thanks
    31
    Thanked 27 Times in 23 Posts

    Quote: Originally Posted by alin04
    Thanks Rick.
    And all the webmasters said that WP is the best platform for a site. I don't see this kind of attack on Blogger.
    Google is behind blogger. There is no better security than blogger - it is the most secure platform of all.
    I used it for years.
    Then Google/blogger started to put some strange TOS where gambling sites are not very welcome.
    Last edited by Ares; 9 April 2016 at 8:28 am.

  6. #24
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    28,138
    Thanks
    2,260
    Thanked 7,954 Times in 5,018 Posts

    I disagree that Google has the best security.

    If they did, people would never see attacks coming FROM Google IPs, and they can and do happen, which means some of their IP space and clients have been compromised.

    WordPress websites are only ever going to be as secure as site owners and developers make them, having less to do with the host.

    Now some hosts will make recommendations about security etc, and even put some time into helping developers lock down their sites, but Google is NOT one of the companies that does that.

    I wonder if they do have some additional routing rules in place on their NAT device that forwards Blogger traffic, that sees login attempt patterns to help reduce this type of attempt.

    Or do they automatically lock down admin access by IP or subnet?

    Rick
    Universal4

  7. The Following User Says Thank You to universal4 For This Useful Post:

    -Shay- (9 April 2016)

  8. #25
    JackTenSuited is offline Private Member
    Join Date
    March 2004
    Posts
    1,014
    Thanks
    23
    Thanked 335 Times in 208 Posts

    Quote: Originally Posted by kav
    Google is behind blogger. There is no better security than blogger - it is the most secure platform of all.
    I used it for years.
    Then Google/blogger started to put some strange TOS where gambling sites are not very welcome.
    Really? I have a gambling blog which is ranking quite well atm

  9. #26
    BSC is offline Public Member
    Join Date
    February 2013
    Location
    Canada
    Posts
    28
    Thanks
    23
    Thanked 23 Times in 12 Posts

    Quote: Originally Posted by MegaFreeChips
    To add a superior security layer to your login page:

    1. Add 2FA (two-factor authentication).
    2. Restrict IPs to your login page through your web server's configuration (or any security product you are using), so only whitelisted IPs can get there.

    This way, no hacker can even get close to try brute-forcing your login page.
    Great suggestions. I like the 5sec Google Authenticator plugin from Code Canyon:
    http://codecanyon.net/item/5sec-goog...ection/5778653

    It gives you 2FA, login whitelisting, and will also ban IPs that fail to log in too many times. You can even choose whether the IPs are banned from the entire site or just the login page.
    Play Only The Best.
    BestSlotsCanada.com

  10. #27
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    28,138
    Thanks
    2,260
    Thanked 7,954 Times in 5,018 Posts

    Yes, there are a number of security plugins that will lock out too many login attempts, but it is still important to move or rename the admin login.

    If the login is left at default, even if the attempt is denied, a few hundred thousand denied attempts or more could seriously affect the overhead on a site.

    Also, recently I have seen a HUGE increase in XML-RPC type attacks and have found that fewer plugins help in this area, so I have been trying to find some of the better ones for that and will update that thread we have from recent times that specifically discusses security plugins.

    Rick
    Universal4

  11. The Following 2 Users Say Thank You to universal4 For This Useful Post:

    -Shay- (9 April 2016), BSC (9 April 2016)

  12. #28
    sweetbet is offline Public Member
    Join Date
    November 2012
    Posts
    2,819
    Blog Entries
    5
    Thanks
    898
    Thanked 1,575 Times in 1,087 Posts

    Most of my hack attempts are coming from Bulgaria, Ukraine, Russia, China, France and the US.

  13. #29
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    28,138
    Thanks
    2,260
    Thanked 7,954 Times in 5,018 Posts

    My guess is the French IPs are OVH since they seem to allow the most hacking activity coming OUT of their space.

    I also see a fair amount coming from Bulgaria and Ukraine; China is obvious.

    Sadly the US is going to be high on most lists since they have a total higher concentration of IP space, although the ISPs in the US overall react to hack attempt reports more efficiently than most (over all, in general terms). Most of the other countries listed ignore the reports, which is likely why it is so bad.

    The needed requirements of filing the reports can be quite time consuming, and without logs they are ignored, and the logs must have a time/date stamp and they MUST include the port used.

    One thing that is starting to concern me is that it also appears that there has been an increase in bad activity coming from cell phone IPs, which is most likely due to hacked and jailbroken phones and compromised apps. Hopefully the phone companies will not lose a handle on this or it could get more messy very fast.

    Rick
    Universal4

  14. The Following User Says Thank You to universal4 For This Useful Post:

    -Shay- (10 April 2016)
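
Added example, not part of any post in this thread: the per-IP counting behind the login lockouts discussed in post #27, combined with the abuse-report evidence described in post #29 (time/date stamp plus port), run over constructed access-log lines. The log format (combined format with the server port appended as a last field), the function names and the threshold are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: combined log format with the server port appended
# as a final field (assumed custom format; IPs are documentation ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [09/Apr/2016:08:01:02 +0000] "POST /wp-login.php HTTP/1.1" 200 1820 "-" "Mozilla/5.0" 443
203.0.113.7 - - [09/Apr/2016:08:01:03 +0000] "POST /wp-login.php HTTP/1.1" 200 1820 "-" "Mozilla/5.0" 443
203.0.113.7 - - [09/Apr/2016:08:01:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0" 443
198.51.100.23 - - [09/Apr/2016:08:02:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "-" 80
198.51.100.23 - - [09/Apr/2016:08:02:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "-" 80
198.51.100.23 - - [09/Apr/2016:08:02:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "-" 80
192.0.2.10 - - [09/Apr/2016:08:03:00 +0000] "GET /wp-login.php HTTP/1.1" 200 2500 "-" "Mozilla/5.0" 443
192.0.2.10 - - [09/Apr/2016:08:03:10 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0" 443
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "[^"]*" (?P<port>\d+)$'
)
TARGETS = ("/wp-login.php", "/xmlrpc.php")


def abuse_evidence(log_text, threshold=3):
    """Map each IP with >= threshold POSTs to the login or XML-RPC
    endpoint to its list of (ISO timestamp, port, path) tuples."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # unparseable line, or a plain page view
        path = m["path"].split("?", 1)[0]
        if path not in TARGETS:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits[m["ip"]].append((ts.isoformat(), int(m["port"]), path))
    return {ip: ev for ip, ev in hits.items() if len(ev) >= threshold}


def report_lines(evidence):
    """One line per request, carrying the timestamp and port a report needs."""
    return [f"{ip} {ts} port={port} {path}"
            for ip, ev in sorted(evidence.items()) for ts, port, path in ev]


if __name__ == "__main__":
    print("\n".join(report_lines(abuse_evidence(SAMPLE_LOG))))
```

The single successful login from 192.0.2.10 stays below the threshold and is left out of the report.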
