Hi All,
Recently I'm getting a lot of Wordpress "attacks".
The load is changing to +/- 29 (normally below 1)
Apache server status examples:
etc. etc.
This has caused my MySQL to crash.
I'm using CSF as a firewall (works with DirectAdmin BFD).
I tried switching on portflood to prevent Wordpress attacks (click: http://download.configserver.com/csf/readme.txt)
However I'm getting a lot of blocks (one every hour) and I'm affraid these blocks are legimate visitors.
CSF only allows a maximum of 20 packets per address remembered. So I cannot higher the number.
Does anyone have a similar problem? What are you doing to block these Wordpress attacks?
Thanks
!
Recently I'm getting a lot of Wordpress "attacks".
The load is changing to +/- 29 (normally below 1)
Apache server status examples:
Code:
www.site.com:80 HEAD /sysadmin/fckeditor/editor/ HTTP/1.1
www.site.com:80 HEAD /cms/wp-cron.php?doing_wp_cron=1422620840.8922209739685058
www.site.com:80 HEAD /editorold/editor/ HTTP/1.1
www.site.com:80 HEAD /inc/fckeditor/editor/ HTTP/1.1
www.site.com:80 HEAD /cms/wp-content/themes/<theme>/framework/bootstrap/css/boetc. etc.
This has caused my MySQL to crash.
I'm using CSF as a firewall (works with DirectAdmin BFD).
I tried switching on portflood to prevent Wordpress attacks (click: http://download.configserver.com/csf/readme.txt)
Code:
PORTFLOOD = "80;tcp;20;5"However I'm getting a lot of blocks (one every hour) and I'm affraid these blocks are legimate visitors.
CSF only allows a maximum of 20 packets per address remembered. So I cannot higher the number.
Does anyone have a similar problem? What are you doing to block these Wordpress attacks?
Thanks
!
It works pretty well.