BBM
Verified User
I have an persistent hackserver hammering the wordpress-installs on my server.
The IP (93.174.93.61) is listed in CSF, I even made it 'do not delete', but the IP is not blocked at all, as since 1 day I've noticed in BFM this IP has made over 10k+ hackattempts.
in CSF deny;
in BFM (various entry's);
I also noticed BFM has tried to add the IP to CSF, but it was already there, bit CSF doesn't seem to block it at all.
Anyone have a clue why CSF doesn't block it? Is my CSF not working properly (maybe since I coupled BFM to CSF)?
Haven't checked much further yet if other IP's are blocked or not, but I'm doubtful now.
The IP (93.174.93.61) is listed in CSF, I even made it 'do not delete', but the IP is not blocked at all, as since 1 day I've noticed in BFM this IP has made over 10k+ hackattempts.
in CSF deny;
Code:
93.174.93.61 # do not delete
in BFM (various entry's);
Code:
A brute force attack has been detected in one of your service logs.
IP 93.174.93.61 has 1930 failed login attempts: wordpress2=1930
I also noticed BFM has tried to add the IP to CSF, but it was already there, bit CSF doesn't seem to block it at all.
Code:
2015:01:18-03:54:07: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421549642&last_notify=1421549646&wordpress2=511'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-04:54:07: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421553241&last_notify=1421553246&wordpress2=691'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-05:54:07: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421556841&last_notify=1421556847&wordpress2=863'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-06:55:08: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421560501&last_notify=1421560507&wordpress2=1003'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-07:55:08: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421564101&last_notify=1421564108&wordpress2=1168'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-08:57:08: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421567821&last_notify=1421567827&wordpress2=1342'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-09:57:08: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421571421&last_notify=1421571427&wordpress2=1508'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-10:57:09: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421575021&last_notify=1421575028&wordpress2=1664'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-11:57:10: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421578621&last_notify=1421578629&wordpress2=1801'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
2015:01:18-12:57:22: Brute Force error (93.174.93.61, 'first_entry=1421538421&last_entry=1421582221&last_notify=1421582242&wordpress2=1930'): Script output: [WARNING] The IP 93.174.93.61 is already blocked:csf.deny: 93.174.93.61 # WP
Anyone have a clue why CSF doesn't block it? Is my CSF not working properly (maybe since I coupled BFM to CSF)?
Haven't checked much further yet if other IP's are blocked or not, but I'm doubtful now.
Last edited: