What's happening?

Over the past several weeks, our System Administration Team has identified an exponential increase in brute force attacks against Joomla-driven websites.

Question: What is a brute force attack against a Joomla website?
Answer: A brute force attack against a Joomla website involves bots repeatedly trying to log in to your Joomla /administrator by guessing the username and password. While it's almost impossible to guess a username and password on the first try, these bots are trying thousands of username / password combinations, which increases the odds of a successful breach of your website.

What is InMotion Hosting doing?

When our System Administration Team identified the influx of brute force attempts against Joomla websites, they implemented a security rule on the server to thwart the attacks. With this new security measure in place, bots will no longer be able to guess thousands of username / password combinations; they will be stopped after far fewer attempts. This should drop their success rate on attacks to near 0%.
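
To see whether your own site is being hit, you can apply the same kind of threshold to your Apache access log. The script below is an added example, not InMotion Hosting's server rule: the threshold, the time window, the helper names and the sample log lines are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache "combined" log format: client IP, timestamp, then the request line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)'
)
LOGIN_PATHS = {"/administrator", "/administrator/", "/administrator/index.php"}

# Assumed values for illustration; the article does not give the real rule's numbers.
MAX_ATTEMPTS = 5
WINDOW = timedelta(minutes=5)


def find_brute_force(lines, max_attempts=MAX_ATTEMPTS, window=WINDOW):
    """Return {ip: time the threshold was first exceeded}.

    Access logs do not record POST bodies, so every POST to the back-end
    entry point is counted; a busy administrator can trip a low threshold.
    """
    recent = defaultdict(deque)  # ip -> timestamps of POSTs still inside the window
    flagged = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] not in LOGIN_PATHS:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop attempts older than the window
            q.popleft()
        if len(q) > max_attempts:
            flagged.setdefault(m["ip"], ts)
    return flagged


def log_line(ip, hhmmss, method, path):
    """Build one constructed log line (hypothetical helper for the sample below)."""
    return f'{ip} - - [31/Mar/2014:{hhmmss} +0000] "{method} {path} HTTP/1.1" 303 0 "-" "-"'


# Constructed sample log (documentation IP ranges, not real traffic).
SAMPLE_LOG = (
    [log_line("203.0.113.7", f"11:40:{s:02d}", "POST", "/administrator/index.php") for s in range(0, 40, 5)]
    + [log_line("198.51.100.20", "11:41:00", "GET", "/administrator/"),
       log_line("198.51.100.20", "11:41:10", "POST", "/administrator/index.php"),
       log_line("198.51.100.20", "11:41:40", "POST", "/administrator/index.php")]
)

if __name__ == "__main__":
    for ip, when in find_brute_force(SAMPLE_LOG).items():
        print(f"{ip} exceeded {MAX_ATTEMPTS} back-end POSTs in {WINDOW} at {when}")
```

To check a real log, pass the open file instead of SAMPLE_LOG, for example find_brute_force(open("access_log")), and adjust the threshold to how your administrators actually work.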

What should I do?

While we are preventing most of the brute force attempts against Joomla sites, there may still be bots that are able to repeatedly guess your username and password. You can protect yourself from these bots by:

  1. Ensuring you are using a secure password
  2. Adding an additional username / password to your /administrator folder

Comments

n/a Points
2014-03-31 11:48 am

My site is one being hit by these login attacks.  InMotion alerted me about heavy resource usage, and after much investigation I discovered this type of attack was causing the problem.  I found that installing Akeeba's Admin Tools Pro not only helped to discover the actual problem, but also provided the means to fight it through their firewall.

Staff
15,308 Points
2014-03-31 11:52 am
Hello Donald,

Thank you for the additional information. We will check into that and create more information regarding using this tool.

Kindest Regards,
Scott M
n/a Points
2014-05-11 10:28 am

Cannot login to my wordpress dashboard and need to regain access asap. Not sure why you all are blocking my account please unblock this is uncalled for. Please contact me within instructions to regain access.

 

Thanks

Staff
7,266 Points
2014-05-12 9:48 am
Hello rob,

Thank you for contacting us, I understand your frustration. If you are getting locked out of WordPress, most likely there are brute-force attempts occurring.

Our guide on WordPress brute force attempts explains the issue in detail, and provides solutions to regain access.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
n/a Points
2014-05-11 4:47 pm

I have not been able to log in to my website all day today. 

Staff
7,266 Points
2014-05-12 9:59 am
Hello Truth,

Thank you for contacting us. We are happy to help, but will need some additional information, such as a link to the website.

Are you running Joomla?

Have you followed this guide?

Are you getting an error? What is the error?

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
n/a Points
2014-05-12 12:52 pm

I got it all fixed by using the live chat now button, they were very helpful.

Staff
15,484 Points
2014-05-12 12:57 pm
Hello Truth,

We're glad to hear that it was resolved. If you have any further questions or comments, please feel free to submit a question or post to our Support Center website!

Regards,
Arnel C.
n/a Points
2014-05-16 11:40 am

"WordPress Login Temporarily Disabled" all morning.

How long does a typical reset require following an attack?

Staff
7,266 Points
2014-05-16 11:57 am
Hello John,

The block lasts 15 minutes, but if the attacks continue, then the block will also continue. I recommend following our guide on WordPress Brute Force attacks, since it explains the issue more in-depth, and provides solutions for "locking down" your WordPress.

After you have protected your site, you should be able to regain access after 15 minutes.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
n/a Points
2014-06-21 3:31 am

hi,

We were facing the incorrect login attempts on our Joomla admin panel. Your support help suggested to keep a secure password and lock admin folder. Even after doing that, the admin panel again gets disabled. If you please check at your end

regards,

Staff
7,266 Points
2014-06-23 10:17 am
Hello UK,

If you are getting locked out, it is possible something else is going on. For example, a plugin/add-on may be getting flagged by the server rules as a security problem.

I recommend contacting Live Tech Support, so they can review the server logs at the time you are having issues.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul

Updated 2014-07-17 06:43 pm EST