People hacking wordpress sites

**NickFitz** · 3 November 2022, 17:43

I occasionally look at web server logs and they're always full of attempts to break in to all kinds of things, not just WordPress. Usually it's coming from some random IP address and probing numerous possibly-vulnerable URLs for a few minutes (which may or may not include /wp-admin or whatever it is, depending on what the bot is trying to achieve) after which they move on. Most servers I look at tend to get probed this way at least two or three times a day.

So it's probably not targeted at all, there are just millions of these things literally testing every IP address on the Internet for a way in, and your plugin reports the ones that try the endpoints it recognises.

**HoofHearted** · 4 November 2022, 11:09

I have a few WP sites which experience this as well. I use Wordfence (free version seems adequate enough). I did wonder if there's a list somewhere (dark web?) of possible sites and usernames, because I see the same (invalid) usernames being tried. I've got Wordfence set to max security, so IPs are blocked for 2 months.

I don't pay much attention to the IPs or their locations because I figure they're most likely being disguised anyway but I sleep better knowing that the perps don't get much of a chance to get in

People hacking wordpress sites

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

People hacking wordpress sites

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

Tag Cloud