

billhector's Content

There have been 7 items by billhector (Search limited from 11-April 20)



#4275 Extremely Large WordPress WP-Admin Brute Force Attacks

Posted by billhector on 12 April 2013 - 09:14 AM in Server and Network Announcements

Changing the username absolutely will save many accounts from being compromised.


So, MDD changed every hosted WP site to protect the people that had a user name of 'admin' and a password of '123456', right?

You said it yourself, changing the user name in and of itself will not stop the attack. The password is the issue.

Sorry, I don't see how protecting nimrods from themselves is good for anyone. They've still got the password '123456'?!

Now that we've confirmed that in fact the password is the real issue, it makes me wonder why even the word "password" was missing from Mike's email. I have a reseller account. The email I sent to my clients quoted Mike, but I also went over password security and mentioned the great product LastPass.

Finally, this latest WordPress on MDD apocalypse has pretty much confirmed to me that Mike hates WordPress and would love for every last install to leave. He won't say that ever, but it's clear as rain. Too bad.



#4273 Extremely Large WordPress WP-Admin Brute Force Attacks

Posted by billhector on 12 April 2013 - 08:32 AM in Server and Network Announcements

The attack is attempting to brute force / guess the password for the admin user of any WordPress installation it can find. Since the admin username is the default in all new WP installs, many users make use of it or have not removed it from their site. Changing the username forces the attack to guess the username (which it isn't trying to do, to our knowledge) AND the password, which makes it much, much harder for your access details to be guessed when they do not already know a username that possibly works.


Thank you. This is exactly my point. The attack will continue whether the user name is changed or not. It makes no difference. The attack probably makes x number of attempts, and since WP isn't returning any useful information, the attack continues until the x number has been reached or the login has been successful. So, changing the user names was a pointless exercise.



#4271 Extremely Large WordPress WP-Admin Brute Force Attacks

Posted by billhector on 12 April 2013 - 06:50 AM in Server and Network Announcements

Before I totally lose it, let me ask this one question: why is this brute force attack a problem if the response to a failed WordPress login is noncommittal? The error response doesn't tell you whether the user name OR password was the problem. So, changing the user name gives an attack the same information as not changing the user name, thus it doesn't stop the attack.

Please explain.



#4237 "urgent" notices from MDD

Posted by billhector on 06 March 2013 - 12:25 PM in Reseller Hosting Support Forum

My inbox just got flooded with "urgent" notices about outdated WordPress installations. Okay, I get it. But I'm wondering how useful it is to send these emails to the reseller and not the specific account admin. Because unless I then go and email each of these individuals, nothing gets done. Why not deal with the person who installed WordPress in the first place?

OR, if that doesn't work (I understand you might want to leave communication to the reseller), how about adjusting the tone and content of the emails? First, take the tone down a notch. The world isn't ending. In some cases, "URGENT" seems a little much. I received one notice saying that a 3.5 WordPress was out of date -- URGENT! Well, I guess it's out of date. WordPress is now at 3.5.1.

Also, the email sent to resellers is written as if we've never heard of WordPress. We get it. Updates good. Old bad. Why not write a 100-word email with links to resources? Done.

Or you can keep doing what you're doing ...



#3778 Cypress Server Migration / Upgrade - Within 14 days

Posted by billhector on 11 July 2012 - 10:17 PM in Server and Network Announcements

I was well aware that you were changing servers. That's not the issue. You kept us updated fine. What we did not know is that you were changing server names. That we did not know. At all.

I will open a ticket in the morning, EDT, when I can keep on top of the communication and you can help with our settings.

BTW: "mail.theirdomain.com" does not work 100% of the time. I know. It doesn't work for me, despite me setting up the DNS how I thought it was supposed to be.

Thank you. We'll speak later.



#3776 Cypress Server Migration / Upgrade - Within 14 days

Posted by billhector on 11 July 2012 - 09:49 PM in Server and Network Announcements

No. Are you serious? Let me get this straight.

You are now going to change the server name so that I have to change all my email preferences (along with all my clients, because I have a reseller account)? Really? And this happens at sort of a random time, in the middle of the night?

Which I guess wouldn't make much of a difference if I could have created a subdomain name that was mapped and worked (for example, mail.domain.com). But I could never get that to work, for me or clients, so I just gave up.

Please tell me that the situation isn't as dire as I think.

BW



#3751 Cypress Server Reboot - 06/29/2012 - 1 AM EST - Estimated Downtime is 10 minutes

Posted by billhector on 28 June 2012 - 06:04 PM in Server and Network Announcements

This has nothing to do with the server migration? Any news on that front?