Skip to main content

Brute Force Protection explained

· 2 min read
Pyxsoft

pyxsoft-brute-force

The brute force is one of the most common ways used by hackers to gain access to a server.

This method is used against many targets:

  • SSH
  • FTP
  • Mail accounts
  • CMS like WordPress and Joomla!

In the lasts times there have been a huge increment in BF attacks against WordPress and Joomla sites.

Those attacks come from a large network of infected servers. The attacker can test thousands of passwords per minute against one single site using bots from large infected networks.

When a server is under attack, the load raises up, the memory usage increases and the CPU usage increases too.

In case of constrained memory servers, many times they begin to swap and the whole system fails. Apache usually hangs up and the server has to be hard rebooted.

Once the attacker gains access to the WordPress or Joomla backend, it is easy to upload trojans, phising sites or mailers.

Pyxsoft Brute Force Protection

Pyxsoft Anti Malware protects your server against Brute Force attacks to WordPress and Joomla sites.

How it works?

Every time a failed login is performed, the Pyxsoft agent register the IP. If repeated failed logins are performed from that IP, pyxsoft blocks it for all login forms in the server.

The attacker/bot/user only will see the next message: “ACCESS DENIED”

The result is simple. All subsequent attempts to login from that IP will not be executed by WordPress, protecting the server load, the memory and the CPU usage. The server becomes more stable under BF attacks.

Sometimes the BF is not really an attack. Sometimes the legitimate user forgets his password and triggers the BF protection, blocking himself.

In this cases, the ACCESS DENIED message will not appear. It will be replaced with a message to solve a captcha:

pyxsoft-captcha

If the user solves the captcha, Pyxsoft unblocks the IP and the login form will be shown again.

We provide translated messages for many languages. If yours is missing or if there is an error in the translation, please let us know.

With Pyxsoft Brute Force protection your sever will be safe against this vector. All of the WordPress and Joomla installations will be monitored.

References:

https://blog.sucuri.net/2015/09/wordpress-brute-force-attacks-2015-threat-landscape.html https://7labs.heypub.com/webdev/stop-brute-force-attack-wordpress.html