Recently there have been reports from several web hosting companies that a massive botnet was used to launch brute-force attacks on WordPress-powered websites. The distributed botnet attack on WordPress installations took down servers and even broke into several admin accounts.
Website hosting providers HostGator, InMotion Hosting and Melbourne Server Hosting advised their customers to update their administrator passwords. Security firm Sucuri reported that their service blocked 77,000 attacks per day on average in April 2013.
Even WordPress founder Matt Mullenweg published a post on his blog about this issue and advised WordPress web admins who still use “admin” as a username to change the username to a different one and set a strong password. Further, he suggested enabling two-factor authentication and making sure that the WordPress installation is up to date.
“Right now there’s a botnet going around all of the WordPresses it can find trying to login with the ‘admin’ username and a bunch of common passwords, and it has turned into a news story,” Mullenweg explained.
Conventional WordPress security plugins like Wordfence normally configure websites to block an IP address if there are too many failed login attempts from that IP address. Normally the failed login attempts will be limited to 5.
But brute-force attacks generally rely on a botnet to crack passwords, with each attempt coming from a different IP address. For instance, a botnet can use 1,000 computers to try out 5,000 combinations and bypass the above rule of 5 failed login attempts.
The Botnet Attack Blocker plugin steps in to prevent this type of attack: it ignores which IP address each attempt comes from and blocks attackers even if they use a large number of bots. You are not limited to 5; you can select the number of allowed login attempts, the time interval between failures, and how long to block logins.
The plugin also allows its users to whitelist their own IP address (or multiple addresses separated with commas or spaces), so that they can access the website even in the middle of an attack.
Features of the Botnet Attack Blocker plugin:
1. Any failed login is counted regardless of username or IP address (unless whitelisted).
2. Once locked down, nobody can log in except from whitelisted IP addresses.
3. You can specify the number of login failures that triggers a lockdown.
4. You can specify the time between failed attempts that should be counted.
5. You can specify how long the lockdown should last.
6. You can add whitelisted IP addresses that bypass the lockdown.
7. Partial IP address matching for dynamically allocated IP addresses.
8. The plugin is available in French, German, Italian and Russian.
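The difference between the per-IP rule and the global lockdown described above can be seen in a small simulation. This is an added example, not the plugin's own code: the class and function names are hypothetical, the traffic is constructed, and partial IP matching is assumed to mean matching on leading octets.

```python
from collections import defaultdict, deque

class PerIPLimiter:
    """Conventional rule: block an IP after max_failures failures from that IP."""
    def __init__(self, max_failures=5):
        self.max_failures, self.failures = max_failures, defaultdict(int)
    def allow(self, ip, now):
        return self.failures[ip] < self.max_failures
    def record_failure(self, ip, now):
        self.failures[ip] += 1

class GlobalLockdown:
    """Counts every failed login regardless of IP; on threshold, locks all logins."""
    def __init__(self, max_failures, window, lock_seconds, whitelist=()):
        self.max_failures, self.window, self.lock_seconds = max_failures, window, lock_seconds
        self.whitelist = tuple(whitelist)        # full or partial addresses
        self.recent, self.locked_until = deque(), 0.0
    def whitelisted(self, ip):
        # Assumption: a partial entry such as "203.0.113" matches on whole leading octets.
        return any(ip == w or ip.startswith(w.rstrip(".") + ".") for w in self.whitelist)
    def allow(self, ip, now):
        return self.whitelisted(ip) or now >= self.locked_until
    def record_failure(self, ip, now):
        if self.whitelisted(ip):
            return                               # whitelisted failures are not counted
        self.recent.append(now)
        while self.recent and now - self.recent[0] > self.window:
            self.recent.popleft()                # keep only failures inside the window
        if len(self.recent) >= self.max_failures:
            self.locked_until = now + self.lock_seconds
            self.recent.clear()

def simulate(guard, bots=1000, tries_per_bot=5):
    """Constructed traffic: each bot IP sends tries_per_bot wrong passwords, one guess per second.
    Returns how many guesses were actually checked against the password."""
    reached, now = 0, 0.0
    for _ in range(tries_per_bot):
        for b in range(bots):
            ip = f"10.{b // 256}.{b % 256}.1"    # constructed sample address
            now += 1.0
            if guard.allow(ip, now):
                reached += 1
                guard.record_failure(ip, now)
    return reached

if __name__ == "__main__":
    print("per-IP limit of 5:", simulate(PerIPLimiter(5)))
    print("global lockdown:  ", simulate(GlobalLockdown(5, 60, 3600, ["203.0.113"])))
```

With the per-IP rule every one of the 5,000 guesses is tested; with the global lockdown only the few guesses that land before each one-hour lockdown get through, while a whitelisted address can still log in.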
Download: Botnet Attack Blocker WordPress Plugin