Massive increase in Wordpress logins
Posted: 18 Jun 2019, 08:43
Hello!
I'm not sure if anyone else is seeing the same trend, but i am noticing a massive increase in wp-login attempts lately. This is something i see in the logs of most domains across most, if not all my hosting servers. The originating countries are all over the world; USA, UK Germany Vietnam, Indonesia to Brasil.
Some domains have login attempt from a staggering 5000~6000 unique IP addresses a day. I made a regex rule specifically for these attempts which works as it should. Only because of the shear volume my deny list gets completely flush at least once a day. The logs look like this:
Is anyone else seeing this trend? what would be a suitable solution to these attacks? dump all the IP's in a extra IP block list? Or is there a more elegant solution?
Kind Regards.
I'm not sure if anyone else is seeing the same trend, but i am noticing a massive increase in wp-login attempts lately. This is something i see in the logs of most domains across most, if not all my hosting servers. The originating countries are all over the world; USA, UK Germany Vietnam, Indonesia to Brasil.
Some domains have login attempt from a staggering 5000~6000 unique IP addresses a day. I made a regex rule specifically for these attempts which works as it should. Only because of the shear volume my deny list gets completely flush at least once a day. The logs look like this:
Code: Select all
[18/Jun/2019:00:35:26 +0200] "GET /wp-login.php HTTP/1.0" 200 1872 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[18/Jun/2019:00:35:27 +0200] "POST /wp-login.php HTTP/1.0" 200 2306 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[18/Jun/2019:00:35:28 +0200] "GET /wp-login.php HTTP/1.0" 200 1872 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[18/Jun/2019:00:35:28 +0200] "POST /wp-login.php HTTP/1.0" 200 2288 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
Kind Regards.