WordPress Hacking Attempt from localhost
-
indiadamjones
- Posts: 4
- Joined: Fri Dec 11, 2015 9:49 pm
WordPress Hacking Attempt from localhost
Hello,
I'm running Vesta on a micro droplet from DO, and I I love it. Super absolutely awesome. Fast, and concise. So, I have a disturbing trend, which is someone attempting to brute force my wordpress sites, and the firewall identifies the origin IP as the server IP.
That scares me, and I'm not sure how to identify the vulnerability. I'm assuming I left off an important security measure, as the install was so quick an easy, I didn't give it much thought. Should I change my SSH port, or somehow alter the root ID from 'root'?
What can I do to get this hacker out of my awesome Vesta install. It's great! Another fine application from Russian devs, thank you!
Regards,
Adam
I'm running Vesta on a micro droplet from DO, and I I love it. Super absolutely awesome. Fast, and concise. So, I have a disturbing trend, which is someone attempting to brute force my wordpress sites, and the firewall identifies the origin IP as the server IP.
That scares me, and I'm not sure how to identify the vulnerability. I'm assuming I left off an important security measure, as the install was so quick an easy, I didn't give it much thought. Should I change my SSH port, or somehow alter the root ID from 'root'?
What can I do to get this hacker out of my awesome Vesta install. It's great! Another fine application from Russian devs, thank you!
Regards,
Adam
Re: WordPress Hacking Attempt from localhost
Hi Adam,
Are you using a security plugin like Wordfence? I had a similar problem where it was showing every visitor's IP as the server's hostname. So every "hacking" login attempt was essentially locking me out.
I had to follow this post in order to get the correct IP's showing up: viewtopic.php?f=10&t=6650#p20197
Might not be your problem - but worth checking your logs to make sure.
Good luck :)
Cheers
Louis
Are you using a security plugin like Wordfence? I had a similar problem where it was showing every visitor's IP as the server's hostname. So every "hacking" login attempt was essentially locking me out.
I had to follow this post in order to get the correct IP's showing up: viewtopic.php?f=10&t=6650#p20197
Might not be your problem - but worth checking your logs to make sure.
Good luck :)
Cheers
Louis
-
indiadamjones
- Posts: 4
- Joined: Fri Dec 11, 2015 9:49 pm
Re: WordPress Hacking Attempt from localhost
Thanks, I just gave that fix a try! Really appreciate the reply, I think that seems a likely candidate for my solution. Will report back after I see the effects of the change.
-
indiadamjones
- Posts: 4
- Joined: Fri Dec 11, 2015 9:49 pm
[RESOLVED] WordPress Hacking Attempt from localhost
Marking this resolved, thanks again.