wp-login登录页面遭受黑客攻击

2014/9/5 技术文章 4 Comments 6,065 Views

刚登服务器进去,发现CPU一直高居不下,网站一直都是细水长流的,这现在太奇怪了,于是打开日志一看:

50.23.64.162 – – [05/Sep/2014:19:59:11 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:12 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:14 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:16 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:17 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:19 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:20 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:21 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:22 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:23 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:23 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:24 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:25 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:27 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:28 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"
50.23.64.162 – – [05/Sep/2014:19:59:29 +0800] "POST /wp-login.php HTTP/1.0" 200 4473 "-" "-"

我去,这不是一直在暴力猜我后台的密码嘛,一查IP,不知道是哪只美国猪,SHIT!

这里顺便说个解决方案:
1.进后台下个Rename wp-login.php,把自己的登录页改了吧。
2.可以把IP列入黑名单,节省你的服务器开销吧。



郑重声明:
除特别声明为转载内容外,本站所有内容均为作者原创,谢绝任何单位和个人不经许可的复制和转播!
对于确有转载需要的,请先与作者联系,在获得允许后烦请在转载时保留文章出处。
本文出自Lupin's Blog:http://www.cnzui.com/archives/1155