Looking through the logs of this site, publication of this article very clearly triggered serious hacking attempts using wp-login.php brute force attacks trying several logins per second for a few days, This is still going on allthough at a somewhat lower pace. (1 attempt per 5s at the moment)
Even other sites I own, with negligable traffic normally are under attack. Yesterday a site of mine on the same server had 84,000 login attempts …
The server attacking above seems to be based in Singapore, but in the Digitalocean cloud.
Here’s the whois data for another offender. A hosting company in LA (Namecheap Inc) with a Turkish customer. Could be hacked of course …
Somebody obviously did not like the post …
hi,
if you log the passwords they tried,
maybe change it for something they already tried…. 🙂
maybe you have a computer guy friend who also can help
with the issue or better, is able to find the root?
kind regards,
franz
The password is a good one. No problem there…
I’ve actually been working with this stuff for many years myself, so have som knowledge. It’s really hard to know exactly who, but I log all the IP numbers, which is as close I get the source right now. Many attempts comes from IPs owned by “Namecheap Inc” in LA, but this particular part of the net belongs to a Turkish company …
Could be hacked of course …
I checked Wikipedia. Namecheap hosts more than three million sites. Wouldn’t that imply a ‘fair’ probability? (Btw, I really support the investigative journalism, but I think you should not jump to conclusions too quickly either.)
They are pretty big. Yes. But there some weird coincidences that strengthen my case, especially the timing of certain things that show up in the logs. Not 100% of course, but better than most stuff discussed in this circus …