[Administration] Recent Activity on the Website – Security Additions

Imay have been seemingly quiet on here for the past week and a half, but this is partially because I’ve recently discovered a major brute-force attack to try to take out the security of my website. Now, this isn’t entirely unusual. Bots are always trying to find wordpress blogs with weak security, and usually going after accounts that technically don’t exist. (It’s a long story to explain, but trust me.)

However, this one was different. Not only did it go after my administration account, but it also attempted to hijack multiple user accounts, by repeatedly entering randomly generated passwords, twice a second for 8 hours total. (Despite my plugin that limits login attempts.)

I’m still cleaning out my activity log (it had over 300 pages, with 100 entries per page. I’ve managed to get it down to 110 so far.), and I’ve banned a lot of IP’s and hosts, and I’ve made some new changes to the wordpress plugins- installed some, reactivated some old ones I used, and uninstalled ones that aren’t working. In the past four to five days, I’ve noticed that things seem to have slowed down and even stopped in some cases.

I will be reaching out to people directly by email if your account was hit. Expect word from me in the next 24 hours. However, rest assured, that nothing was compromised. I just had to rethink my security setup and so forth. From what I’ve seen from the attack, though, be warned that even bots are now using video game names, character names (from anime, comics, games, TV and movies), and pop culture terms and icons. So you know the routine of keeping your password safe and secure.

I’ll do my best to keep an eye on things, and try to pick back up on doing what I started this site for in the first place- writing to keep you up to date on Falcom news.

Kirsten Miller on EmailKirsten Miller on InstagramKirsten Miller on TwitterKirsten Miller on Youtube
Kirsten Miller
Founder & Admin
The webmaster, creator, and administrator of Endless History and all the sites located on esterior.net. Web developer and designer by day, translator, Kiseki crack theorist, and game streamer by night. Also, apparently a very floofy guy.

One Reply to “[Administration] Recent Activity on the Website – Security Additions”

  1. Aw man, that sucks! And what you say about cleaning out your activity log looks like a pain in the ass. I hope that isn’t nothing serious and you manage to solve everything without too much complication. And while I greatly appreciate the function of your website (keeping us up to date on Falcom news), don’t worry if you can’t have everything at date.

    Oh, and btw, Happy birthday, Floofy!

Leave a Reply

Your email address will not be published. Required fields are marked *