Joomla and WordPress Brute Force attacks

If you are using Joomla or WordPress  there is a high chance your site will be under attack now or in the near feature by a so called Brute Force Attacks.
The attacker tries to gain access to your application by guessing the password; often because users have the default username or simple passwords.

But such an attack has also an impact on the system resources, when an attack comes from an other infected server and multiple of these infectes sites are going to target your site together it actually works a bit like a ddos ; because all resources of your account get used and your account will be slowed down, with very large attacks it might even affect server performance in general.

While we take many precautions against such an attack the best way to counter such an attack is to install a script which stops IP after (some) failed login.
As well for WordPress and Joomla there are such a scripts. If you do not use WordPress or Joomla please check with your software developer if a login limit exists or can be implemented.

WordPress – We have seen good results with the following plugins:

Bruteprotect: https://wordpress.org/plugins/bruteprotect/
Wordfence: https://wordpress.org/plugins/wordfence/

Joomla – While no direct experience the following plugin should help:

Brute Force Stop: http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection/22982
an other plugin one of our customers recommend is: https://www.akeebabackup.com/products/admin-tools.html

It is possible in some cases to protect the /wp-admin/ (wordpress) or /administrator/ (joomla) directory with a .htaccess authentication script; as .htaccess functions on a server level our WAF (Web Application Firewall) will work as a login limitter as block IPs which fail.

2 replies

Comments are closed.