What's happening?

Over the past several weeks, our System Administration Team has identified an exponential increase in brute force attacks against Joomla driven websites.

Question What is a brute force attack against a Joomla website?
Answer A brute force attack against a Joomla website involves bots repeatedly trying to login to your Joomla /administrator by guessing the username and password. While it's almost impossible to guess a username and password on the first try, these bots are trying 1000's of username / password combinations, which is increasing the odds of a successful breach of your website.

What is InMotion Hosting doing?

When our System Administration Team identified the influx of brute force attempts against Joomla websites, they implemented a security rule on the server to thwart the attacks. With this new security measure in place, bots will no longer be able to guess 1000's of username / password combinations, they will be stopped at a much lower attempt. This should drop their success rate on attacks to near 0%.

What should I do

While we are preventing most of the brute force attempts against Joomla sites, there may still be bots that are able to repeatedly guess your username and password. You can protect yourself from these bots by:

  1. Ensuring you are using a secure password
  2. Adding an additional username / password to your /administrator folder
Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address
Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Joomla Community Google+ Hangout #3

June 3rd, 2014

Thank you @RustyJoomla for letting me speak on the Joomla Community Google+ Hangout!

Click here to watch!

n/a Points
2014-03-31 11:48 am

My site is one being hit by these login attacks.  InMotion alerted me about heavy resource usage, and after much investigation I discovered this type of attack was causing the problem.  I found that installing Akeeba's Admin Tools Pro not only helped to discover the actual problem, but also provided the means to fight it through their firewall.

Staff
20,848 Points
2014-03-31 11:52 am
Hello Donald,

Thank you for the additional information. We will check into that and create more information regarding using this tool.

Kindest Regards,
Scott M
n/a Points
2014-05-11 10:28 am

Cannot login to my wordpress dashboard and need to regain access asap. Not sure why you all are blocking my account please unblock this is uncalled for. Please contact me within instructions to regain access.

 

Thanks

Staff
10,994 Points
2014-05-12 9:48 am
Hello rob,

Thank you for contacting us, I understand your frustration. If you are getting locked out of Wordpress, most likely there are brute-force attempts occurring.

Our guide on Wordpress brute force attempts explains the issue in detail, and provides solutions to regain access.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
n/a Points
2014-05-11 4:47 pm

I have not been able to log in to my website all day today. 

Staff
10,994 Points
2014-05-12 9:59 am
Hello Truth,

Thank you for contacting us. We are happy to help, but will need some additional information, such as a link to the website.

Are you running Joomla?

Have you followed this guide?

Are you getting an error? What is the error?

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
n/a Points
2014-05-12 12:52 pm

I got it all fixed by using the live chat now button, they were very helpful.

Staff
18,399 Points
2014-05-12 12:57 pm
Hello Truth,

We're glad to hear that it was resolved. If you have any further questions or comments, please feel free to submit a question or post to our Suport Center website!

Regards,
Arnel C.
n/a Points
2014-05-16 11:40 am

"WordPress Login Temporarily Disabled" all morning.

How long does a typical reset require following an attack?

Staff
10,994 Points
2014-05-16 11:57 am
Hello John,

The block lasts 15 minutes, but if the attacks continue, then the block will also continue. I recommend following our guide on Wordpress Brute Force attacks, since it explains the issue more in-depth, and provides solutions for "locking down" your wordpress.

After you have protected your site, you should be able to regain access after 15 minutes.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
n/a Points
2014-06-21 3:31 am

hi,

We were facing the in-correct login attempts on our Joomla admin panel. Your support help suggested to keep a secure password and lock admin folder. Even afer doing that, the admin panel again gets disabled. If you please check at your end

regards,

Staff
10,994 Points
2014-06-23 10:17 am
Hello UK,

If you are getting locked out, it is possible something else is going on. For example, a plugin/add-on may be getting flagged by the server rules as a security problem.

I recommend contacting Live Tech Support, so they can review the server logs at the time you are having issues.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
n/a Points
2014-08-09 9:56 am

Im not able to login to my account , I did some mistakes in my logins because i forgot the password, howeveri was able to remember it then i was locked

www.sajidjaber.com please unlock!

 

thanks

Staff
20,848 Points
2014-08-11 11:50 am
Hello Sammy,

I am not quite understanding. If you mean you are blocked out for having too many tries, then it will unlock in about 15 minutes.

Kindest Regards,
Scott M
n/a Points
2014-09-30 4:12 pm

I'm locked out of my Joomla install -- website is www.landersdevelopmentllc.com -- I was logged in (no failed password attempts on my part) but got kicked out of the admin area while I was working. I have several other joomla installs on the same VPS server -- I've sampled a couple, but it appears I'm locked out of all of them. 

Error mentions brute force attacks and that I'm temporarily locked out. What, exactly, does this mean? Will I be able to login, later? 

Staff
18,399 Points
2014-09-30 5:10 pm
Hello Lisa,

I'm sorry you're having problems with the brute force protection. It's happening because your site is probably under brute force attack, and the server rules that are part of the protection is kicking in. One thing you can do to help prevent this from happening is to password protect your administrator directory for Joomla. We have a tutorial called How do I password protect a directory with my cPanel?. This will help prevent this issue from popping up further.

If you have any further questions, please us know.

Regards,
Arnel C.
n/a Points
2014-10-19 12:57 am

Hello,

''Brute Force Attacks'' is a bloody joke. I am running several joomla websites (3.x and 2.5) and never been atacked because i have a password more or less secure.This software ''Brute Force Attacks'' is only triggered when you login/logout successively and repeatedly. Or when attemtping to change userights in the same fashion. The safety on the software is too high.It should be reviewed. The program errs on the side of caution...Mansour 

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

18 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!