Blog down on crack attempt


My blog was not accessible from the morning of yesterday until 11 am today.

According to the web hosting company, someone tried to crack my blog.

It was down a while ago, this is the second time.

It says that I have not been able to access other websites on the server where my blog is located for 3 hours.

The hosting company said there seems to be a problem with WordPress, so they told me to consider WordPress.

Good morning..

about this morning 6from the city 10 30I've talked about this problem before, such as a lot of hackers accessing your site up to a minute and causing server load..

Foreign hackers these days wordpress Access to the website that uses this program is increasing rapidly..

Perhaps some vulnerable part of this program has been exposed to a hacker group..

In particular, if your site is listed in a hacker group, IPare trying to connect.

The log below is some access to the moment that caused the problem today. IPand the number of connections is high, but IPis not a few.

simply DoSIf it's an attack, you're lucky, but if you're looking for a security vulnerability by opening the post like the log below, you can see the problem is much more serious..

We ask that you refrain from using this word processing program as access continues even today despite our temporary blocking of your site..

constantly having problems Thai users are complaining a lot, and even in our terms and conditions, it is forbidden to provide services to accounts that generate server load, so I think you should consider it as well..

Thank you.

0-655 16699 0/18772/18772 W 345.70 7030 0 0.0 79.79 79.79 200.183.171.130 dobiho.com GET /?p=212 HTTP/1.0
2-655 16701 0/20536/20536 W 387.96 3345 0 0.0 79.02 79.02 194.137.80.76 dobiho.com GET /?p=133 HTTP/1.1
3-655 11064 0/187/19923 W 15.61 10915 0 0.0 0.01 69.15 211.46.221.34 dobiho.com GET /?p=133 HTTP/1.0
4-655 10171 0/214/19561 W 20.89 8237 0 0.0 0.00 61.64 81.204.99.247 dobiho.com GET /?p=153 HTTP/1.1


I asked if it was a DoS attack, and according to the hosting company, it seems to be looking for a vulnerability in WordPress, not a DoS attack.

this part is simple Two not an attack.

DoSThe attack root has already been blocked through the server security update..

Perhaps the source for finding the vulnerability of the program has been spread somewhere..

on our wow web wpThere are many people who use.

I've checked on almost all servers since a few days ago, but only your site is being attacked severely..

It's still coming in until this afternoon. 14dog IPwas blocked, but it continues to come in after that, and only the current cumulative 253개의 IPis blocked.

TwoAttacks don't come in this much, usually small 100in many circumstances 100A form that causes the server to go down by trying to connect more than ten thousand simultaneous connections TwoThis is a typical type of attack.

accessing your site IP Almost all in North America, Europe, Judging from the intensive inflow from the Caribbean region, it seems that your site has been registered as a vulnerable site in the hacker group in that area..

When I tried hacking on a few hacker group sites or searched for a list of hacked sites, it didn't come up, but I think it's other hacker groups..

The hosting company blocked the IP, and I upgraded to WordPress 2.2.3 and reopened it.

See you today, next Monday WordPress 2.3 released It looks like it will, but I need to upgrade in time.

I hope it doesn't crash now.

ps. I got an email from a web hosting company, and they said that they had blocked 300 IPs.

a few in the morning IPwas captured, but remains quiet so far..

IPAbout 300I'll block about a dozen or so of the quiet update, so I'll keep an eye on whether it's quiet or not, and I'll contact you if there is a problem..

 







Recommendations





0 If you like the article, please click the heart~ It will be a strength to bloggers (SNS/login/advertising is not related)



Articles you might like







Contact map: customer management on the map
4.6
Contacts at a glance on the map, location-based contact management, view nearby contacts












4 Comments

Add a Comment

Email addresses are not disclosed. Required items *is indicated by

























This posting is part of Coupang Partners' activities, and a certain amount of commission is provided accordingly.