Here Comes the Ban Hammer!

If you pay any attention at all to IT security issues, you probably know that many (most?) computer viruses and malware aim to turn your computer into a “bot”. As part of a group of infected computers (known as a “botnet”), your computer would then be used by the virus’ author to send out spam, conduct Denial of Service attacks on other computers, or whatever other evil thing the author has in mind.

But there’s a new breed of malware out there attacking WordPress installations. Why? Because most WordPress installations are hosted at data centers, which have several times the bandwidth of your puny home connection. Which makes total sense if you think about it: if horsepower and bandwidth are the ultimate goals of a botnet creator, why bother with home users and their rinky-dink Pentium 4s and 1.5Mbps DSL connections? Think big and go for a quad-Xeon box at a T4 data center!

Anyway, the point is, I have really jacked up the security on this site as of late. One thing I’ve done is to add two-factor authentication. The second is that I’ve installed a plug-in which tracks login attempts and IP addresses. If unsuccessful, it locks out the IP address for 72 hours and emails me the IP address of the rogue computer.

So here’s a new policy: if your IP address tries to log in to the admin portion of my site more than three times, your IP address is locked out for 72 hours. If your IP address is locked out more than once, your IP is banned permanently.

If you feel that your IP address was banned unjustly, please let me know (and seriously, I’d love to hear your story) and I’ll look into it.
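For anyone curious how a policy like the one above works as logic, here is a sketch added for illustration; it is not the plug-in's code. It assumes only failed logins are counted, that the fourth failure trips the 72-hour lockout, and that a successful login resets the counter. The class and function names are hypothetical.

```python
from dataclasses import dataclass

MAX_FAILURES = 3              # "more than three times": the 4th failure locks out
LOCKOUT_SECONDS = 72 * 3600   # 72-hour lockout
MAX_LOCKOUTS = 1              # "locked out more than once": 2nd lockout is a ban

@dataclass
class IpState:
    failures: int = 0
    lockouts: int = 0
    locked_until: float = 0.0
    banned: bool = False

class LoginGuard:
    """Per-IP admin login tracking (hypothetical class, not the plug-in's code)."""

    def __init__(self, notify=print):
        self.state = {}
        self.notify = notify      # stand-in for the e-mail alert

    def status(self, ip, now):
        s = self.state.get(ip)
        if s is None:
            return "ok"
        if s.banned:
            return "banned"
        return "locked" if now < s.locked_until else "ok"

    def record_attempt(self, ip, success, now):
        """Return 'ok', 'failed', 'locked' or 'banned' for this attempt."""
        current = self.status(ip, now)
        if current != "ok":
            return current        # rejected before credentials are even checked
        s = self.state.setdefault(ip, IpState())
        if success:
            s.failures = 0        # assumption: a good login clears the counter
            return "ok"
        s.failures += 1
        if s.failures <= MAX_FAILURES:
            return "failed"
        s.failures = 0
        s.lockouts += 1
        if s.lockouts > MAX_LOCKOUTS:
            s.banned = True       # second lockout: permanent ban
            self.notify(f"permanent ban: {ip}")
            return "banned"
        s.locked_until = now + LOCKOUT_SECONDS
        self.notify(f"72h lockout: {ip}")
        return "locked"
```

Attempts made while an IP is locked out or banned are refused outright and do not count toward a further lockout, so a locked-out address cannot ban itself just by retrying.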
