homepage Welcome to WebmasterWorld Guest from 54.166.105.24
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Content Management
Forum Library, Charter, Moderators: ergophobe

Content Management Forum

    
Brute force attacks on Joomla sites
lorax




msg:4607220
 12:05 pm on Sep 4, 2013 (gmt 0)

A few months ago, WordPress was the first target. Now Joomla sites are undergoing brute force password attacks.

[blog.sucuri.net...]

 

aakk9999




msg:4607230
 12:34 pm on Sep 4, 2013 (gmt 0)

After having Wordpress hacked once 5 years ago, we serve 403 forbidden for all requests to admin login page not coming from our IP subset.

If you have s static or sticky IP range, this may greatly reduce hacking risks.

lorax




msg:4607244
 1:45 pm on Sep 4, 2013 (gmt 0)

We deny all except our own IPs or IP blocks for our local service providers (so our faculty and staff can work from home). I keep researching and tweaking the installs to make them tighter and stronger.

BillyS




msg:4607247
 1:56 pm on Sep 4, 2013 (gmt 0)

Password protect the administrator directory using .htaccess You can do this in Joomla, I don't think you can in Wordpress.

cmendla




msg:4608469
 1:12 pm on Sep 9, 2013 (gmt 0)

There is at least one extension that allows you to modify the back end url..

The one I use allows you to set it up so that the admin url is

www.mysite.com/administrator/index.php?yoursecretword instead of www.mysite.com/administrator

If you don't put the parameter in it will simply return you to the homepage

That has an added benefit in that the script kiddies will usually not keep attacking and sucking your resources if they can't get to the login page.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Content Management
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved