25 Aug
2013
25 Aug
'13
7:52 p.m.
Nils-Anders Nøttseter said:
I got a similar attack on my site today, a lot of
"POST /wp-login.php
HTTP/1.0". All user agents were "Mozilla/5.0 (Windows NT 6.1;
rv:19.0) Gecko/20100101 Firefox/19.0", but they were distributed.
They took down my apache (oom) thrice, and my vm was too busy to
properly answer ssh, imap and smtp, but it was over in an hour or two.
That will be the ongoing WordPress bruteforce attempt - setup Apache so
it doesn't try to load more instances than can fit in your memory,
including removing unnecessary modules to slim it down, and see advice
on protecting WordPress.
Ian