[mdlug] Wordpress attack

brandon at fotiu.com brandon at fotiu.com
Tue Dec 19 10:12:52 EST 2017


I run a self-hosted Wordpress but use official plugins. Like with any 
server keeping things light and disabling unused services is key. I 
started with the advice in this article : 
https://arstechnica.com/information-technology/2017/09/how-to-hurricane-proof-a-web-server/

"Akismet - stops comment spam
AMP generates Google AMP pages to mobile visitors
Cloudflare provides access to some Cloudflare settings from within the 
WordPress dashboard
Duo provides 2FA logins
Elastic Email replaces WordPress’ built in mailer with Elastic
Jetpack is WordPress’ mega-plugin that does a bunch of stuff
Purge Varnish makes WordPress aware of Varnish and lets it automatically 
flush stale pages from cache whenever new posts or comments are made."

I use MiniOrange to do 2-Factor Authentication for the admin login as 
well. So far no issues but I don't maintain a high-traffic site.


--Brandon




On 2017-12-19 09:44, gib at juno.com wrote:
> Yes.  Thank you for the information.
> 
> I was just working on the Shelby Club site that I created:
> https://shelbyclub.wordpress.com/
> 
> I turned over the management of the site to the club members.  I don't
> know if they are technically detailed enough to implement the add on.
> 
> 
> ---------- Original Message ----------
> From: "Carl T. Miller" <carl at carltm.com>
> To: "MDLUG List" <mdlug at mdlug.org>
> Subject: [mdlug] Wordpress attack
> Date: Tue, 19 Dec 2017 06:29:39 -0500
> 
> Do any of you manage Wordpress sites?  Take a look
> at what's happening this morning.
> 
> <https://www.wordfence.com/blog/2017/12/aggressive-brute-force-wordpress-attack></https:>
> 
> c
> 
> 
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
> 
> ____________________________________________________________
> 1 Simple Trick Removes Eye Bags & Lip Lines in Seconds
> Fit Mom Daily
> http://thirdpartyoffers.juno.com/TGL3131/5a3925dae4ec25d92b58st04vuc
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug


More information about the mdlug mailing list