Not sure who this is that is attempting to hack into my blog so desperately, but seriously, time for a new hobby:
| administrador | 202.137.154.1 | 20 mins ago |
| administrador | 186.101.223.223 | 1 hour 41 mins ago |
| administrador | 115.84.92.197 | 3 hours 2 mins ago |
| administrador | 200.63.105.23 | 4 hours 20 mins ago |
| administrador | 137.59.225.11 | 5 hours 38 mins ago |
| administrador | 181.198.216.161 | 6 hours 56 mins ago |
| admin | 168.195.206.130 | 9 hours 36 mins ago |
| admin | 115.84.92.48 | 10 hours 55 mins ago |
| admin | 200.43.234.138 | 12 hours 14 mins ago |
| admin | 115.84.92.3 | 13 hours 33 mins ago |
| admin | 115.84.99.18 | 14 hours 48 mins ago |
| admin | 187.189.27.236 | 16 hours 7 mins ago |
| admin | 103.1.94.110 | 17 hours 26 mins ago |
| admin | 177.19.164.181 | 18 hours 44 mins ago |
| admin | 202.137.141.190 | 20 hours 5 mins ago |
| admin | 186.101.223.216 | 21 hours 25 mins ago |
The thing that makes me crazy is, what does this really get them? I mean, OK, you might be able to control the blog and put up some stupid political comment or a spambot, but I’m actively engaged with the thing. I update it regularly. I’m going to notice pretty darned shortly and then use my ability of accessing the hosting company to get you kicked back out and a restore run.
The time you’re putting into this can’t possibly be worth the return. Not to mention, I’m not exactly Instapundit.com here with my blogging. There aren’t millions of people per day looking at this place. The six or seven hours of use you might get out of the blog (last time I was hacked was less than that and I was flying at the time) will only net you a couple of thousand hits.
Please, take up another hobby. I’m looking at getting into HAM radio after I finish my current round of books. Why don’t you do the same. We can talk instead of you attempting to make a mess of my blog. Sound fair?
You are not an end target, you are practice, that is what I think.
Oh, I know it’s not personal. Where’s the fun in recognizing that I’m just on some general attack list collected and distributed through some completely automated process probably without a single human involved, probably even in the generation of the code itself.
I’M A PERSON DAMN IT! I MATTER!
Ha!
Grant, these attacks are certainly not personal. Several possibilities:
1. As Peter stated, you could be just a practice target as WordPress as several known vulnerabilities.
2. You could be just an “experiment” for someone looking for new vulnerabilities.
3. You could just be an opportunity for someone. They’re out to cause problems for anyone available.
Knowing this doesn’t make it any less of an annoyance however. I’m sure this will be stating the obvious to someone involved in IT as long as you have been, but I state it for those you might not know: Harden your WordPress where possible, patch what you can and obviously contact your hosting ISP.
Thanks. You’re right of course. I know it’s a personal thing. I’m just irked. I have taken a number of steps and I’m working on more.
Did you recently add the plugin to log these? I’d think with WordPress powering 30% of the Internet and most it being terribly secured the bots are just all over.
Not recently no. Last year, after I was successfully hacked for a couple of hours, I did a thorough cleanup and security on the blog. I’m running WordFence, a server side firewall and scanning software. It’s the one capturing these metrics.
Troy Hunt did a post about why every website has value to a hacker:
https://www.troyhunt.com/the-one-valuable-thing-all-websites-have-reputation-and-why-its-attractive-to-phishers/
Thanks for sharing that.
Am I the only one who finds the (mis)spelling of “administrator” interesting?
I thought that was a little odd too.