I became aware of strange happenings on my Purpleogre Brewing Blog just after I moved my Page28 domain registration from one registrar to another. I got some 403 errors, It turned out I had been Hacked !
Parts of My Beer blog were being diverted. After I raised a support Ticket I also noticed a folder that shouldn’t have been there…
Trawling through the backups it appeared between the 2nd and 3rd of August, just a day before an SQL injection bug was patched by WordPress !
I had Limit logon attempts set and simple History plugin installed but TSOHOST support suggested Wordfence. so I have given it a go….
Very enlightening !!!
It made me aware of a slide show plugin vulnerability and after I’d removed the plugin several attempts from IP’s in the Ukrane to expoit it…
and just the sheer number of scrapers trying out those now non existant links !
it also showed me how many login attempts were being made on my admin account…and where from….there’s certainly a pattern…for probes on both my sites..
Last night Just as I was about to turn in for the night, I got an email alerting me of one such attempt,
now it could be just a coincidence but it came on the same day I blocked a subnet for a french scraper who was top hitter for 404’s, It was coming from the outskirts of Paris…
Why are the after my sites ? I’ll never know ! Since they attacked my Beer Blog first do they have something against Beer ? or was it just easier because of the slideshow vulnerability.?
Do I have to start Blocking Whole Countries ????