Bass Fishing Forum

Hello ladies and gents.

The main site is being attacked quite a bit and our firewall is heavily at work to make sure nobody gets in. It's the first time it automatically emailed me, 6 times even, to let me know about such an attack surge.

All this comes down to - if we get some server hiccups you know why. Defenses holding up high as of now.
I should probably clarify that this has nothing to do with your passwords and there is no need to change them, it's a pure hacking attempt, trying to inject SQL code through our WordPress side.

Appreciate the info, Flavio.

Well they can ^-^ off, I went in and server banned the IPs connected to this madness. It was still going after over an hour, enough. Most likely behind some proxy or VPN or whatever, because it was from Canada, USA and UK so... ~xyz

Not a single attack after the bans, I think that hit the spot PoPo

Flavio

Thanks for the heads up and for taking care of the issue.   You're the MAN  ~bb  ;)

My crappie club forum site has been down for 3 days now and one of my bass sites has been down for the past 2 days.  Clearly forum attacks are on the rise....

@TechAdmin

Thanks for posting this Flavio! One of my upcoming courses is on SQL code injection, both how to do it and how to defend against it. I wonder if they will cover plugins like this.

Either way I can put your information to good use.

Sent from my SM-S908U using Tapatalk

Thanks for your diligence, Tech Dude.

(and I understood just about ZERO of what you said)

Dale

This hasn't stopped, I had to ban (hard ban, on server side) numerous extra IP addresses as there seems someone or some kind of bots are absolutely hell-bent on trying to hack both the Wordpress side and now the forum side too. It's been going on for days, some IP addresses have been reported as well because they are not behind proxy/VPN by the looks of it.
This morning was bad enough for me to be late for a trip ~rant
Will be in touch later, checking every now and then.

Is there anything we can do on the Word Press side?

Negative, that stuff is on me, it's .htaccess server bans, you may read about it huh... I wrote it in a couple places, this comes to mind: https://www.stopforumspam.com/forum/viewtopic.php?pid=42838#p42838 (https://www.stopforumspam.com/forum/viewtopic.php?pid=42838#p42838)
Wordpress is already running Wordfence, which is helping a LOT with detection.

Large botnet attacked Wordpress side trying to login as administrator, no success and lots of IPs have been automatically banned for 2 months.

Mostly coming from Brazil, but I've seen Lebanon and Iraq, so a bit all over the world, specifically targeting us.

The whole attack lasted TWO minutes, but for bots it's long enough... I can confirm they did NOT manage to login. I get an email whenever an admin logs on :)

Private message boards have been under attack for the last few months.  Everyone having to up their security game...

Some more bans today...

I'm not sure how true that is but apparently we have over 70 thousand guests lately, that's a new record. That also caused a bunch of errors in the logs, I made a change to the database, let's see if it works.

Quote from: TechAdmin on January 09, 2025, 07:38:55 AMI'm not sure how true that is but apparently we have over 70 thousand guests lately, that's a new record. That also caused a bunch of errors in the logs, I made a change to the database, let's see if it works.

Thanks for the update, Flavio! PoPo

Flavio you are our family Pitbull!  Thanks for all you do.  Most the old timers understand little of what you say, but we know we are in good hands.  Thanks ~c~

Flavio

My good man tks for all you do for us here at UltimateBass.