Home page logo
/

nanog logo nanog mailing list archives

RE: [ PRIVACY Forum ] Huge attack on WordPress sites
From: David Hubbard <dhubbard () dino hostasaurus com>
Date: Mon, 15 Apr 2013 10:29:03 -0400

apache's mod_security comes in pretty handy for reducing the
cpu load caused by these attacks; we've seen many sites we
host getting hammered on the wp-login.php page from these
bots.

Here's the rules that block the bad requests:

https://docs.google.com/document/d/1wCpp7U5uOw_krEkQrm9NXFf2LjpGvlZ7uoOK
0Ok4LGM/pub

David 

-----Original Message-----
From: Damian Menscher [mailto:damian () google com] 
Sent: Monday, April 15, 2013 7:17 AM
To: Steve
Cc: nanog () nanog org
Subject: Re: [ PRIVACY Forum ] Huge attack on WordPress sites

FYI, the "new" part of this news is that the current botnet 
is 10x larger
than the one you're thinking of.

Damian


On Sat, Apr 13, 2013 at 5:39 AM, Steve <angst1974 () yahoo com> wrote:

This is pretty old news , this "super bot-net" of 
compromised Wordpress
sites ( and others) has been attacking since September

Sent from my iPhone

ONANOG Digest,
*************************************






  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]