To whoever is bashing on my wordpress manager.
Fuck you your not getting in. 🖕 100 plus fucking emails with your failed attempts break in using brute force.
Discussion
Fail2ban might be useful here.
Na its a wode range of IPs coming in. And they get blocked for a few days if they fail.
I don't know much about WordPress but is there no way to not expose the login interface publicly?
On wordpress itself the most you can really do is change the default URL from "wp-admin" to something else. I do this pretty religiously nowadays.
But it wasn't wordpress that they were bashing on I have an application called infiniteWP that allows you to administer wordpress web sites that i use for my clients. it automates back up and updates and a few other aspects of managing a wordpress site.
i was actually getting ready to go outside and do some yard work but i got a flood of over 100 emails saying that there was a bunch of failed login attempts. it only lasted for a few minutes so now i'm paranoid and checking on my server logs.
what's really weird to me though is the ip range that everything was coming from it was all "127" ranges. I know there was talk at ICANN about freeing up that address range. but now i'm just fucking paranoid that something might be on my server