[162412] in North American Network Operators' Group
RE: [ PRIVACY Forum ] Huge attack on WordPress sites
daemon@ATHENA.MIT.EDU (David Hubbard)
Mon Apr 15 10:29:54 2013
Date: Mon, 15 Apr 2013 10:29:03 -0400
From: David Hubbard <dhubbard@dino.hostasaurus.com>
To: <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
apache's mod_security comes in pretty handy for reducing the
cpu load caused by these attacks; we've seen many sites we
host getting hammered on the wp-login.php page from these
bots.
Here's the rules that block the bad requests:
https://docs.google.com/document/d/1wCpp7U5uOw_krEkQrm9NXFf2LjpGvlZ7uoOK
0Ok4LGM/pub
David=20
> -----Original Message-----
> From: Damian Menscher [mailto:damian@google.com]=20
> Sent: Monday, April 15, 2013 7:17 AM
> To: Steve
> Cc: nanog@nanog.org
> Subject: Re: [ PRIVACY Forum ] Huge attack on WordPress sites
>=20
> FYI, the "new" part of this news is that the current botnet=20
> is 10x larger
> than the one you're thinking of.
>=20
> Damian
>=20
>=20
> On Sat, Apr 13, 2013 at 5:39 AM, Steve <angst1974@yahoo.com> wrote:
>=20
> > This is pretty old news , this "super bot-net" of=20
> compromised Wordpress
> > sites ( and others) has been attacking since September
> >
> > Sent from my iPhone
> >
> > ONANOG Digest,
> > > *************************************
> >
> >
>=20
>=20
