Tag Archives: wordpress

Wordpress: Database access error of doom

wp-db-error Usually it happens after migration. When there is absolutely nothing that could possibly go wrong:
Read more »

Share Button

How to use BFD tool to block WordPress brute force attacks

I have written about the excellent and lightweight (unlike fail2ban which is more popular but too resource consuming and 3rd party tools dependent) tool BFD earlier. This tool is actually the set of bash scripts that looks for known pattern in the logs and executes actions against offending IPs based on the configuration. Little is known that it’s also modular and allows to extend it’s behavior by writing custom rules to assist with more uncommon situations.

I’ve also written about widespread WordPress brute force attacks that targets wp-logon.php script. The solution I’ve offered there takes care of single WordPress site. It’s getting more difficult to mitigate the attack in case you have multiple servers with multiple WordPress sites. So I decided to come up with more general approach.

Read more »

Share Button

Wordpress: how to trim your wp_options table

wpautoload
In my line of work I am exposed to various Wordpress installations – different plug-in sets, different themes, various amount of content – so, I have my fair share of troubleshooting Wordpress performance issues related to almost anything.
Read more »

Share Button

Wordpress: spambots mating season

wp-spamDid anyone notice how quadrupled number of spam comments during last week? I usually check Comments->SPAM folder on daily basis and where usually was about 3-8 comments a day now no less then 70.
It’s interesting and educating to observe how spamming technologies and tools evolve over time – just a few weeks ago there was a wave of spam comments masquerading as pingbacks from completely unrelated blogs, then (mostly from russian origins) spam comments containing couple of paragraphs of text from some text book, now almost every other spam comment contains url from gravatar.com site.
Thanks to the excellent anti-captcha plugin nobody ever sees these comments on my blog except me, in spam folder, and if a real person will decide to leave the comment he will not need to strain his vision trying to recognize graphical captcha (I hate it too).

Share Button