This IP address continues to break into my WP admin. Advice?

boatBurner

boatBurner

shutup, crime!
Feb 24, 2012
1,521
35
0
*This IP address continues to TRY to break into my WP Admin - sorry.

Over the last couple of months, I get sporadic notices about IP address 5.39.218.136 trying to login to one of my WP site's backend. I've got some good security measures in place, so I'm not too concerned, but this person's IP has stayed consistent throughout the entire time. I'm wondering, what can anyone tell me about this IP address and would you be concerned at all?
 


Use .htaccess to redirect him to a good ol' google hammer.
 
move the wp-admin directory to a different directory

password protect the directory maybe? you would have to put in 2 passwords though just to login
 
I always set before *ANY* admin login for ANY CMS a htpasswd controled by the server and not by the CMS.

Then install fail2ban and redirect all logins to a special "login" http server log.
Let fail2ban check that log with a high auto ban.

Voila, you get an automated fail IP ban system.

You can customize the number of fails tries and the length of the ban and all.

Youself are login normal - under firefox and most browser you can bookmark your login URL in the format http://user : pass@URL - you even did not see for your access any difference.

Do not use the same passwords for the htpasswd and the CMS admin login - in that way, even when your system is stolen or whatever , people can breach the htpasswd but they still need to crack the CMS password - double security and buyed time to change the passes.
 
You must log in or register to reply here.
Top Bottom