BruteForce attacks


#1

Hi guys, despite all the protections I’ve set up on Pencil2D; I had a message this morning from my host telling me they have set a double auth authentification on Pencil2D.org since they detected a big Bruteforce attack whose purpose was to find my password.

I guess this is related to all the problems we had some weeks ago.
I’ll speak with my host to know how I can handle this.
Meanwhile, you probably won’t be allowed to login on Pencil2D.org.

Those hackers are really a pain in the ass…


#2

Thank you for letting us know.

I wish that instead of trying to fuck up a non-profit site & software like Pencil2D they should try to help us and code the goddamn software for once, that is “true hacking” for whatever is worth. What they are doing is trying to crack the shit out of the site and it is a saddening thought that we can’t even get developers to properly help us, but we get more spammers and crackers by the minute.

On a related note, I hope this is not similar to what happened to the Linux Mint distro a few weeks ago, which was that some crackers swapped the ISO with a copy of their own which had a backdoor so unaware users were vulnerable to their attacks.


#3

Yeah, it’s a god damn disease :slight_smile:
They just want to hack pencil2d.org to turn it into a zombie sending spam…

And you know why ? Because there is some traffic here, about 2500-3000 visits a day… And THAT should be a good news :slight_smile:

Well, I just added another plugin to avoid “brute force attacsk”. If a user (an IP) failed to log after 5 times, he’s banned for a moment. That should slow down the whole thing. But hell, I’ve already installed 10 security plugins here :confused:


#4

Hi!

The website is still really laggy, do you know why?


#5

Hi @darckcrystale, maybe because of all the security stuff we had to put to block all those attacks… About 1500 spams are blocked daily… :confused:


#6

Hi folks.
That’s sooooo annoying but I received (again) a mail of my host warning me that there still is a problem on this website; which consumes too much ressources, probably because of a security issue.
Despite all my efforts to secure this; it still happens…

Well, i’m going on vacations today and have no time to check all this; so we have set a temporary fix and users won’t be able to login on the website for at least two weeks.

Please apologize for the inconvenience.


#7

Hi guys, do you think the problem seems to be fixed with the new Captcha ? Have you spotted any strange behaviours ?


#8

@gordie I haven’t logged on the site until today. Despite what you say I saw a whole lot of people registered even with the blockade. So far I haevn’t seen any weird posts, but the forum is on the verge of death. I was honestly thinking of opening an “official” Pencil2D facebook group for people to hang around and post their stuff, because the fanpage is rather bad for that, the google+ page is not moving at all, and the tumblr blog has very little following so everything that’s reblogged over there only reaches 2 or 3 people tops.

If I see anything weird aside ill report here. Hope you had some rest in your vacations!


#9

Hi,
The attacks can happen anytime and you even don’t know about it. Well you may be not aware of Brute force attack and this is also very harmful. When it attacks you may don’t know and therefore you should know about it. Well some of the tips are there which can help you to protect you from brute force attack.

See more on: http://www.combatpcviruses.com/brute-force-attacks-tips-to-keep-the-bots-at-bay


#10

Now that the website seems stabilized,
I disabled some of the security plugins; which were slowing down the website.

I also updated the bbPress Votes and bbPress Pencil Unread plugins (which I created).

Please tell me if you see something strange !