Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
C
C
Cyber-Man2016-06-28 11:39:05
Burglary protection
Cyber-Man, 2016-06-28 11:39:05

Bulk protect sites from brute force?

Greetings ... maybe someone had experience in protecting admin panels from mass enumeration? There are hundreds of sites on the server. There is protection by the number of connections, but the bots are now smarter - they make only a small number of requests per minute, which is almost imperceptible, while creating an unnecessary, unpleasant load on the processor.

46.172.83.5 - - [28/Jun/2016:11:36:55 +0300] "POST /wp-login.php HTTP/1.1" 403 2769 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"
46.172.83.5 - - [28/Jun/2016:11:37:04 +0300] "POST /wp-login.php HTTP/1.1" 200 5021 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"
46.172.83.5 - - [28/Jun/2016:11:37:09 +0300] "GET /wp-login.php HTTP/1.1" 200 3498 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"
46.172.83.5 - - [28/Jun/2016:11:37:09 +0300] "POST /wp-login.php HTTP/1.1" 200 4488 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"
46.172.83.5 - - [28/Jun/2016:11:37:10 +0300] "GET /wp-login.php HTTP/1.1" 200 3316 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"
46.172.83.5 - - [28/Jun/2016:11:37:11 +0300] "POST /wp-login.php HTTP/1.1" 200 4307 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"
46.172.83.5 - - [28/Jun/2016:11:37:12 +0300] "GET /wp-login.php HTTP/1.1" 403 2769 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"
46.172.83.5 - - [28/Jun/2016:11:37:12 +0300] "GET /wp-login.php HTTP/1.1" 403 2769 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"
46.172.83.5 - - [28/Jun/2016:11:37:12 +0300] "POST /wp-login.php HTTP/1.1" 403 2769 "-" "Mozilla/5.0 (Windows NT 5.1; rv:29.0) Gecko/20100101 Firefox/29.0" "-"

What to do with them? Maybe share your experience?..
I tried to do it with nginx, but the problem is here ...

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
SolidMinus, 2016-06-28
@SolidMinus

Low number of requests per minute?
Is it 2-3 requests per second like? Well, strengthen the protection of such. 3 login attempts per minute and a ban for 30 seconds. As a result, all the desire to brute will disappear
, or will it?
one
two

Similar questions
V
Viktor2016-03-25 04:36:34
How effective is binding to the server ip to protect the program from copying? 2Reply
P
potapovdmtriy2016-03-29 11:41:41
What is the best language for dll injection? 1Reply
Q
qwertyqwerty2014-01-09 02:00:23
Fucked my site? 6Reply
A
Andrew2016-04-20 10:14:50
How much can freelance pentesters earn? What are they doing? 1Reply
I
Ivan2016-04-20 16:01:54
How to turn off or bypass Stakhanovets - a program for spying on employees? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question