
WordPress login failures

Back in January I started noticing a lot of failed attempts to log into this website’s admin section, presumably in an attempt to hijack the website and use it to send spam, host illegal content or join some sort of botnet. It seems that many other websites are being affected in the same way.

I’m not particularly worried about this. All of these attempts have so far used the default WordPress user name of “admin”, which doesn’t exist here, and nobody has yet realised that this website is configured to only accept logins over secure connections (i.e., https, not http). Even if they did get that right, it would still take about a billion years to crack the password by brute force. (Well, OK. Perhaps not quite as long as that. But still…)

Anyway, I wrote a script to monitor these failed logins and disable logins altogether from repeat offenders. Since January it’s caught quite a few. Here’s the list of IP addresses that have tried 10 or more times to log in to the non-existent admin account. (Note: This list is updated live, so it will probably keep growing for a while yet.)
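The counting step of such a monitor, as an added example that is not the author's script: it tallies failed logins to the "admin" account per source IP and returns the addresses at or above the 10-attempt threshold. The log record format, the function names and the sample addresses (documentation ranges) are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

THRESHOLD = 10         # the post lists IPs with 10 or more attempts
TARGET_USER = "admin"  # the account name the attempts used

# Assumed record format, one line per failed login (constructed for this example):
#   2000-01-15T10:15:00Z login_failed ip=203.0.113.7 user="admin"
LINE_RE = re.compile(r'^\S+ login_failed ip=(\S+) user="([^"]*)"$')


def parse_line(line):
    """Return (normalised_ip, username), or None for a line that does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        # Normalising folds different spellings of one IPv6 address together.
        ip = ipaddress.ip_address(m.group(1))
    except ValueError:
        return None
    return str(ip), m.group(2)


def repeat_offenders(lines, threshold=THRESHOLD, user=TARGET_USER):
    """IPs with at least `threshold` failed logins to `user`, sorted."""
    counts = Counter()
    for line in lines:
        parsed = parse_line(line)
        if parsed and parsed[1] == user:
            counts[parsed[0]] += 1
    return sorted(ip for ip, n in counts.items() if n >= threshold)


def sample_log():
    """Constructed sample input; addresses are from documentation ranges."""
    def rec(i, ip, user):
        return f'2000-01-15T10:{i:02d}:00Z login_failed ip={ip} user="{user}"'
    log = [rec(i, "203.0.113.7", "admin") for i in range(12)]           # over threshold
    log += [rec(i, "198.51.100.4", "admin") for i in range(9)]          # one short
    log += [rec(i, "2001:DB8::1", "admin") for i in range(5)]           # same host,
    log += [rec(i, "2001:db8:0:0:0:0:0:1", "admin") for i in range(5)]  # two spellings
    log += [rec(i, "192.0.2.9", "editor") for i in range(15)]           # other account
    log.append("garbage line that does not parse")
    return log


if __name__ == "__main__":
    for ip in repeat_offenders(sample_log()):
        print(ip)
```

The returned list is what a blocking step would consume; how logins are then disabled for those addresses depends on the site's setup and is not shown here.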
