‘Fort Disco’ Botnet Behind Attack Campaign Against Thousands Of Sites

“The number of weak passwords is not surprising, as this campaign is clearly a target of opportunity and not focused on a specific target,” Bing says. “This is interesting as it marks a sea change in the tactics of attackers. In addition to drive-by exploits of unpatched Windows machines being the low-hanging fruit, attackers are learning that these blog and content management systems are often vulnerable to trivial attacks.”

via ‘Fort Disco’ Botnet Behind Attack Campaign Against Thousands Of Sites.

Global WordPress Brute Force Flood

As I type these words, there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence. This attack is well organized and again very, very distributed; we have seen over 90,000 IP addresses involved in this attack.

via Global WordPress Brute Force Flood | HostGator Web Hosting Blog | Gator Crossing.

This WordPress blog has been receiving these attacks since around the beginning of the year. Getting rid of the admin account is a first step and using strong passwords is a second; I chose to just shut down access from the Internet entirely by disabling the wp-admin directory and wp-login.php access in httpd.conf. That may not be practical for most sites, however. The error logs were getting quiet in the last 3 or 4 weeks and then this week they’re back up to full speed blocking with IPs from ranges all over the place. It looks like I’m not the only one experiencing this according to here and here.

Update: From my observations of the logs over these last few months, these bots are hitting the sites very patiently, sometimes once an hour, thus running under the radar of the security plug-ins I tried.

Update II: More links here, here, and from here:

These rules will block access for the offending IP address for 5 minutes upon 10 failed login attempts over a 3 minute duration.

This won’t work. Each IP from these bots may hit you once or twice an hour so any limit login plugin won’t detect them at any rate to ban them. You can’t stop this on an IP basis. Since my logs last rotated Sunday morning (almost 6 days ago) I have had 500 different IP addresses hit wp-login.php. They all have been given 403 Forbidden responses yet they keep coming.
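
As an added example (not from the original post or its logs), this Python sketch runs the quoted rule, 10 attempts in 3 minutes per IP, over constructed log lines in which 500 sources each request wp-login.php once an hour, and sets the result beside a site-wide count. The log format, addresses, dates and function names are assumptions, and every request to wp-login.php is counted as an attempt.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

# Combined log format: client IP, timestamp, request path, status.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" \d{3}')

def login_hits(lines):
    """Return [(ip, timestamp)] for every request to wp-login.php."""
    hits = []
    for line in lines:
        m = LINE.match(line)
        if m and m.group(3).split("?")[0].endswith("/wp-login.php"):
            hits.append((m.group(1),
                         datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")))
    return hits

def per_ip_offenders(hits, limit=10, window=timedelta(minutes=3)):
    """The quoted rule: flag an IP whose `limit` consecutive attempts fit in `window`."""
    by_ip = defaultdict(list)
    for ip, ts in hits:
        by_ip[ip].append(ts)
    flagged = set()
    for ip, times in by_ip.items():
        times.sort()
        for first, last in zip(times, times[limit - 1:]):
            if last - first <= window:
                flagged.add(ip)
                break
    return flagged

def site_wide(hits):
    """Aggregate view that ignores which IP each attempt came from."""
    counts = Counter(ip for ip, _ in hits)
    return {"attempts": sum(counts.values()), "sources": len(counts),
            "max_per_source": max(counts.values(), default=0)}

def sample_log(sources=500, hours=6):
    """Constructed traffic: every source requests wp-login.php once an hour."""
    start = datetime(2013, 8, 4, tzinfo=timezone.utc)  # constructed date
    lines = []
    for h in range(hours):
        for n in range(sources):
            ts = start + timedelta(hours=h, seconds=7 * n)
            lines.append('10.%d.%d.7 - - [%s] "POST /wp-login.php HTTP/1.1" 403 199'
                         % (n // 250, n % 250, ts.strftime("%d/%b/%Y:%H:%M:%S %z")))
    return lines

if __name__ == "__main__":
    hits = login_hits(sample_log())
    print(per_ip_offenders(hits), site_wide(hits))
```

On the constructed log the per-IP rule flags nothing, while the site-wide count shows thousands of attempts from hundreds of sources, so an alert keyed on total wp-login.php volume or distinct sources sees what a per-IP threshold misses.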

Ping-o-Matic!

What is this?

Ping-O-Matic is a service to update different search engines that your blog has updated.

We regularly check downstream services to make sure that they’re legit and still work. So while it may appear like we have fewer services, they’re the most important ones.

Make sure to only ping specialized services if they’re relevant to your blog, otherwise you’ll cause an undue burden on them.

via Ping-o-Matic!.

Connecting to an external database from within a WordPress post

Connecting to an external database from within a WordPress post — Tyssen Design.

Hi Phil,

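At the top of the post, I included:
<?php
include('/path/to/database/connection.php');
?>

and that file looked like:
<?php
// Run a statement against the external database and return the result set.
// $rsql is executed as-is, so pass only fixed statements, never text built from visitor input.
function runSQL($rsql) {
    $rootpasswd = 'yourPasswordHere';
    $user = 'yourUserHere';
    $db = 'yourDBhere';
    // Report failures through return values so the checks below are reached
    // (mysqli replaces the mysql_* functions, which were removed in PHP 7)
    mysqli_report(MYSQLI_REPORT_OFF);
    $dbcnx = @mysqli_connect('localhost', $user, $rootpasswd, $db);
    if (!$dbcnx) {
        echo '<p>Unable to connect to the database server at this time.</p>';
        exit();
    }
    $result = mysqli_query($dbcnx, $rsql) or die('test');
    // The connection stays open for the caller; PHP closes it when the request ends
    return $result;
}
?>

Then to loop through the results:
$sql = "Your SQL statement goes here";
$result = runSQL($sql);
while ($row = mysqli_fetch_array($result)) {
    // Do stuff with $row
}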

vCita

vCita is a new way to interact with website visitors, acquire clients and provide services online. vCita encourages your online audience to approach you, ask for advice and schedule time to talk over video or phone.

via vCita.

This site puts out a WordPress plugin (secure contact form) that uses the resources this outfit has to offer. Interesting business model.