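WordPress admin login brute-force attacks and how to stop them

Author: VPSAA Technical Department  Published: June 9, 2013  Category: Tutorials

We have recently received several reports of resource abuse caused by brute-force attacks on customers' WordPress admin login pages, which directly affected the stability of our servers. This post provides the solutions.

1. Change the login URL. Open the wp-login.php file and insert the following code above <!DOCTYPE html>.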

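<?php
// Redirect every request that does not carry the expected "name" parameter.
if (!isset($_GET["name"]) || $_GET["name"] != "zhaorong") {
    header('Location: http://www.baidu.com/');
    exit; // stop here so the login form is not rendered
}
?>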

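After this, any visit to the login page is redirected to Baidu, and we reach the admin login with /wp-login.php?name=zhaorong instead. The check runs where the login page is rendered, so it hides the form but does not stop requests that POST credentials straight to wp-login.php; combine it with the plugin in step 2. Because wp-login.php is a WordPress core file, the edit has to be reapplied after each WordPress update.

2. Use a plugin.

For customers running WordPress, we recommend a plugin that protects the admin login against brute-force password guessing: Limit Login Attempts

You can search for the plugin directly in the WordPress admin, or download it from the official site.
Official WordPress plugin download page: http://wordpress.org/extend/plugins/limit-login-attempts/

Appendix: sample access log from a brute-force attack on the admin login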

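To spot this kind of login flood in an access log, the following added example (not part of the original post) counts POST requests to /wp-login.php per minute and reports how many distinct addresses and user agents sent them, since the attempts may be spread over many addresses. The sample lines, the documentation-range addresses and the `min_posts` threshold are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Apache/nginx "combined" log format
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')

def login_posts(lines):
    """Yield (minute, ip, status, ua) for every POST to /wp-login.php."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m["method"] == "POST" and m["path"].split("?")[0] == "/wp-login.php":
            yield m["ts"][:17], m["ip"], int(m["status"]), m["ua"]  # ts[:17] = dd/Mon/yyyy:HH:MM

def flag_minutes(lines, min_posts=5):
    """Summarise each minute whose login POST count reaches min_posts (assumed threshold)."""
    buckets = defaultdict(list)
    for minute, ip, status, ua in login_posts(lines):
        buckets[minute].append((ip, status, ua))
    report = {}
    for minute, hits in buckets.items():
        if len(hits) >= min_posts:
            per_ip = Counter(ip for ip, _, _ in hits)
            report[minute] = {
                "posts": len(hits),
                "distinct_ips": len(per_ip),
                "max_per_ip": max(per_ip.values()),  # low value = many sources, few tries each
                "status_508": sum(s == 508 for _, s, _ in hits),  # 508 = resource limit reached on some shared hosts
                "user_agents": len({ua for _, _, ua in hits}),
            }
    return report

# Constructed sample (documentation address ranges), not taken from a real log.
UA = "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
FMT = '{} - - [09/Jun/2013:{} +0800] "{} HTTP/1.0" {} 3303 "-" "{}"'
SAMPLE = [FMT.format(*row) for row in [
    ("192.0.2.10", "19:58:32", "POST /wp-login.php", 200, UA),
    ("198.51.100.7", "19:58:33", "POST /wp-login.php", 200, UA),
    ("203.0.113.5", "19:58:37", "POST /wp-login.php", 508, UA),
    ("192.0.2.44", "19:58:38", "POST /wp-login.php", 508, UA),
    ("192.0.2.44", "19:58:43", "POST /wp-login.php", 508, UA),
    ("198.51.100.90", "19:58:45", "POST /wp-login.php", 200, UA),
    ("203.0.113.77", "19:58:37", "GET /archives/300.html", 200, "crawler/1.0"),
    ("192.0.2.10", "19:58:50", "GET /wp-login.php?name=zhaorong", 200, UA),
    ("198.51.100.7", "19:59:01", "POST /wp-login.php", 200, UA),
]]

if __name__ == "__main__":
    for minute, stats in flag_minutes(SAMPLE).items():
        print(minute, stats)
```

A minute with many POSTs, many distinct addresses, a low `max_per_ip` and a single user agent points to a distributed guessing run rather than one user mistyping a password.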


 

Tags: WordPress brute force, wp-login.php

1 comment »

  1. This method is good, thanks for sharing
