Quote:
Originally Posted by rowan
If your IP is static, block everything but that from the login page. That's pretty much your problem solved.
If your CAPTCHA is generated by third party software that is popular enough, the bots will already know how to parse and solve it.
Have look into plugins that will block IPs which repeatedly fail logins, or generate multiple 404s from scanning several URIs.
|
My plugins do block the IP and notify me. Most block for an hour first, then twelve hours, then twenty-four hours.
A sysadmin once told me that having one hundred IPs in .htaccess would cause a serious strain on the server. I’ll block a whole network like *.bluehost.com and the block notice tells them to contact their host. Then I worked with the host to deal with hackers
Right now I have almost no traffic. Once my sites are up, I don’t want congestion from two thousand bots slowing down the box.
I’m not looking for a fix, though, just a warning site for adult webmasters and server admins