cancel
Showing results for 
Search instead for 
Did you mean: 
Go to solution
Highlighted

Failed login attempts by hackers...

  I receive notices from GoDaddy on a regular basis informing me that a particular IP address has been temporarily blocked due to multiple failed login attempts. The IP addresses tend to change regularly (usually routing from China, Russia, Ukraine, etc.), but there is one particular offender located China that has shown up hundreds (maybe thousands?!) of times - clearly working on a brute force attack. I assume it is part of a botnet, but is there anything that can be done on the server/dns side to block ALL traffic originating from this ISP in China before it arrives at my web site? The offending IP is 123.57.254.142 - Any suggestions would be appreciated!
2 REPLIES 2
Employee
Employee
Solution

Re: Failed login attempts by hackers...

What kind of hosting are you on? If you have cPanel there's a menu option to block IP addresses.

 

If you're not, the cheap and easy way to handle this is to block the IP in your .htaccess file. You'd add this up top:

Order Deny,Allow
Deny from 123.57.254.142

 

But I don't know the importance of this site or want to make any assumptions. The real, ongoing fix for this issue is to purchase the web application firewall that comes with GoDaddy's Website Security Deluxe package. It automatically handles bot brute force attacks, and allows you to deny access from geographical regions. 

Re: Failed login attempts by hackers...

Thanks! I also just discovered and installed a WP plugin called IP Geo Block that looks like it may help. Some of the settings are a bit cryptic and will take me awhile to understand, but at least I can add the offending IP addresses to a blacklist. It looks like there is an option to blacklist entire countries so I will investigate that setting. (My web site is dedicated to providing a history of a particular class from the US Naval Academy - pre-WWII. There is no sensitive government information - it's not hosted (obviously) by the govt, but I assume outsiders see 'Naval Academy' on the site and think they could find a back door to govt systems.)