hacks (3)


Protecting Against WordPress Brute-Force Attacks

One of our customers was experiencing very high load today. Checking his logs showed too many IPs trying to hack at the wp-admin.php login page. Here’s a snapshot of what I saw:
# tail -f /var/www/vhosts/*/statistics/logs/*_log
==> /var/www/vhosts/example.com/statistics/logs/access_log <==
10.0.1.169 - - [03/Oct/2013:05:50:17 -0500] "POST /wp-login.php HTTP/1.0" 200 4479 "example.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
10.1.1.206 - - [03/Oct/2013:05:50:21 -0500] "POST /wp-login.php HTTP/1.0" 200 4479 "example.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
10.0.2.197 - - [03/Oct/2013:05:50:23 -0500] "POST /wp-login.php HTTP/1.0" 200 4479 "example.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
10.0.55.117 - - [03/Oct/2013:05:50:24 -0500] "POST /wp-login.php HTTP/1.0" 200 4479 "example.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"

That went on forever!

The first thing I did was use the fail2ban filter I found here.

Unfortunately this did not work, as the attack was widely distributed. Fail2ban is ineffective against such attacks. So the next thing I tried was to password-protect that page. I added a few lines to the Apache configuration for that VirtualHost to enable basic authentication. That worked, and the load instantly dropped to normal.
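Why a per-IP filter stays silent during an attack like this one, shown as an added example (not the author's code and not the gist referred to in this post): it counts login POSTs per source and in total over a sliding window. The thresholds, function names and the 192.0.2.x sample log are assumptions constructed for the illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta, timezone

# Combined-log fields needed here: client IP, timestamp, method, path, status.
LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

def login_posts(log_text):
    """Yield (timestamp, ip) for every failed-looking POST to /wp-login.php."""
    for line in log_text.splitlines():
        m = LINE.match(line)
        # WordPress re-renders the form with 200 on a failed login and
        # redirects on success, so 200 responses are the attempts to count.
        if (m and m["method"] == "POST" and m["status"] == "200"
                and m["path"].split("?")[0] == "/wp-login.php"):
            yield datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"), m["ip"]

def analyse(log_text, window=timedelta(minutes=10), per_ip_max=5, total_max=50):
    """Sliding window over login POSTs; both thresholds are hypothetical."""
    events = sorted(login_posts(log_text))
    in_window, banned, peak_total, start = Counter(), set(), 0, 0
    for end, (ts, ip) in enumerate(events):
        in_window[ip] += 1
        while events[start][0] <= ts - window:         # expire old attempts
            in_window[events[start][1]] -= 1
            start += 1
        if in_window[ip] > per_ip_max:                 # what a per-IP jail sees
            banned.add(ip)
        peak_total = max(peak_total, end - start + 1)  # what the server feels
    return {"sources": len({ip for _, ip in events}),
            "per_ip_bans": sorted(banned),
            "peak_total": peak_total,
            "distributed": peak_total > total_max and not banned}

def constructed_log(sources=60, posts_each=2):
    """Constructed sample in the page's log format: many IPs, few tries each."""
    base = datetime(2013, 10, 3, 5, 50, tzinfo=timezone(timedelta(hours=-5)))
    lines = []
    for n in range(sources * posts_each):
        ts = (base + timedelta(seconds=2 * n)).strftime("%d/%b/%Y:%H:%M:%S %z")
        lines.append(f'192.0.2.{n % sources + 1} - - [{ts}] "POST /wp-login.php '
                     f'HTTP/1.0" 200 4479 "example.com/wp-login.php" "Mozilla/5.0"')
    return "\n".join(lines)

if __name__ == "__main__":
    print(analyse(constructed_log()))                           # distributed
    print(analyse(constructed_log(sources=1, posts_each=10)))   # single source
```

In the distributed case no address ever crosses the per-IP limit, so only the aggregate count on the login URL reveals the attack, which is why a control applied to the URL itself (such as the basic authentication used here) was effective.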

In case the files got lost or misplaced here's the gist:

This and Lots of That

It’s been a while since I wrote anything here. We moved, then kept on moving until we could move no more. Or at least that’s how it felt. From the quiet fresh and mostly healthy environment in the mountains of Lebanon to the confinements of Beirut, it wasn’t really that much fun. It took a while to get settled, and I could honestly say that after 3 months of that we’re still not there yet. I don’t think we will be settled here in any case, so it’s not that big a deal.
The only problem is that the coping is not the same as enjoying. And the creative process needed for coping is pretty different.
I won’t go on a rant, I still have things to do. I just thought I would share a few things I’ve been doing in the last 3 months or so.

Bread making

We had been thinking about this Moulinex bread machine for a rather long time. Pia did the research and it seemed like the best one we could find in the Lebanese market. We didn’t shell out an extra 60$ for the “Baguette” version as it seemed very silly to pay that much for a simple insert!
Since then, we have been making our own bread. Played around with the recipes and indulged in some “pain au lait” and brioche the first week or so. Then we moved back to our regular whole wheat bread. That smells and tastes just great.
I am still looking for Rye flour, and not finding any. Maybe I’m just looking in the wrong places.
pics coming soon

Small hacks

Desk lamp

For some reason, I am not able to find anything these days. Or things are simply too expensive to be reasonable. We need a couple of desk lamps, but I couldn’t find anything below 100$. Now tell me this is not crazy! I found clip-on lamps at the Chinese store in Manara for 4000LBP(~3$). But their necks were too low. So I bought a microphone stand for 15$ and fixed the neck of the clip-on lamp on that. Pia was positively impressed and I felt pretty proud of myself. Compare this to prices on Amazon! *sigh*
pics coming soon

Internet TV

I did not hook the TV to the cable/antenna/sat receiver yet. For different reasons (mainly being lazy). I will probably do that soon, but meanwhile I am enjoying getting all the latest TV series and my favourite movies thru a combination of flexget, deluge and xbmc. Oh, and here’s a good howto to get you started.
I also use the official XBMC remote for android and Transdroid (not from market) from my phone to control those. It’s a good combination, pretty easy and I don’t have to think about it. The only problem I have is that the old Dell i6400 I’ve been using as HTPC is slowly dying of old age and I have yet to find a suitable replacement!

Cloud9 IDE

Almost all of the PCs/Laptops we have are in sync. Still using the IDE and re-syncing the files on the laptop after working all day on the desktop (even with the ease of git) is a bit annoying for the lazy programmer in me. And I have been looking for an IDE to use on the road even when I’m out of the house. Enter Cloud9 IDE. Sure it’s nice to work in the cloud, but it turns out they have a standalone version that doesn’t have all the bells and whistles (no problem here). You will need nodejs setup along with a few dependencies and modules. But it’s really worth it. I’ve been playing with a new personal app for the android (and perhaps iOS) to be released soon and doing all of the work (so far) inside c9.

Gadgets wishlist

Here’s my list for the coming months:

RimuDNS python module

I wrote previously about building DNS zone files mostly by querying DNS and saving the results to a file.

The method is not perfect, and it will not be possible to get all the records. In fact, you could get all the records incorporated in the result file if you already have a list and feed it to your code.

I wrote a Python module to manage DNS records using the RimuHosting DNS API. The code is hosted at GitHub.

I also added a guessing feature.
