Just got this note from the security plugin:
Your website, Squirrel Hacker, is undergoing a brute force attack.
There have been at least 50 failed attempts to log in during the past 120 minutes that used one or more of the following components:
Component Count Value from Current Attempt Network IP 50 176.42.17.176 Username 50 user Password 1 dragon The security plugin for WordPress is repelling the attack by making their login failures take a very long time. This attacker will also be denied access in the event they stumble upon valid credentials.
Further notifications about this attacker will only be sent if the attack stops for at least 120 minutes and then resumes.
Guess the plugin works.
For those of you playing along at home, here are the stats so far:
attempts | username |
---|---|
274 | admin |
159 | user |
1 | daily-bot |
1 | seanja |
The bots seem to have decided that I have an account called “user”, which is interesting because I don’t.
And the IPs that have been trying to get me:
Count | IP Address | Location |
---|---|---|
208 | 176.42.17.176 | Istanbul (Not Constantinople), Turkey |
83 | 188.165.243.45 | Roubaix, France |
75 | 85.114.133.118 | Dusseldorf, Germany |
47 | 171.25.190.77 | Riga, Latvia |
18 | 188.143.232.144 | Saint Petersburg, Russian Federation |
2 | 94.23.238.95 | Roubaix, France |