Standard WordPress Attacks Visualized

Everyone that runs WordPress or any website knows there are thousands upon thousands of servers across the Internet doing nothing but looking for vulnerabilities and trying to hack sites. Logs directly don’t give you the sense of what is really happening in a nice visual way. An old favorite of mine, Logstalgia, is a fun way to see what all those servers trying to take you down, hack and use you as a launch point, install a miner on your server, or the various other goals these botnets might want to do to you if they can breach you.  

Here are a couple of little snippets of webserver logs showing a couple of pretty normal attacks we all see multiple times a day. These happened to a server of mine around November 18, 2018. 

The first attack is the standard bruteforce attack on WordPress as the attacker tries to hit known directories, etc.

WordPress Bruteforce on known paths

The second attack is just the bruteforce to go after the xmlrpc.php which is something sites use to allow added functionality to mobile devices,etc. and the feed.php file. 

WordPress bruteforce on xmlrpc.php and feed.php

Enjoy. These are just simple examples of what is happening constantly behind the scenes to all websites as the bad guys try to find ways in. 

Leave a comment or reply