Top Nav

Archive | WordPress

How-to Mitigate Bittorrent DDOS Attacks

You’ll know that you’re getting hit with a Bittorrent attack when the server slows down and you see log entries referencing:

Here’s a good article about one sysadmin’s struggle with this type of attack:

http://blog.carlesmateo.com/2015/01/23/stopping-a-bittorrent-ddos-attack/

There are a number of possible strategies to mitigate this attack:

1. CloudFlare will block but it can take time to move DNS to CloudFlare and activate.

2. Create an announce.php file that returns an error like this:

This will use fewer resources then letting WordPress or other CMS return a 404.

3. Block in iptables with a rule like this:

Not sure how efficient this is on a high traffic web server.

4. Block in Apache config:

5. Block with fail2ban as described here:

http://shazbert.com/blog/2015/01/24/fail2ban-china-ddos-announce-bittorent/

Note that Plesk 12 has fail2ban built-in so this fix is easy to implement.

6. If traffic is limited to a range of IP addresses then block that range in any available firewall. For example we’ve defeated this attack in one case by blocking a class B range from China.

Other suggestions on blocking this type of attack are welcomed. Comment below and let us know if you’ve seen this attack and how you handled it.

0

Multiple Domains One WordPress

Let’s say you want to have more then one domain pointing to a WordPress site. Each domain should show the same content but you don’t want to redirect to the primary domain. This is a problem with WordPress because it tries to redirect to a single canonical domain. The solution is the “Any Hostname” plugin:

https://wordpress.org/plugins/any-hostname/

After installing the plugin, go to:

WordPress Admin -> Settings -> General

At the bottom of the screen you’ll find an “Any Hostname” section where you can add additional domain names to the site. So now you can have “www.acme.com” as the primary domain and one or more additional names like “www.acmeinc.com”. The website will be displayed on each domain as if it were the primary with no redirect.

0

Block wp-login.php On Single Site In WordPress Multisite

Take the case where you have a WordPress multi-site with many domains pointing to a single virtual host. When the site gets hit with a wp-login.php attack you want to password protect the wp-login.php script but just for the targeted site … not for every site in the multisite.  Here’s the .htaccess rules to accomplish this:

We set an environment variable based on the Host header and then require login from requests with the matching environment variable.

0

CentOS / Nginx / PHP-FPM / WordPress

Some quick notes on building a CentOS server with Nginx, PHP-FPM and WordPress.

First here’s great tutorial that covers the different Fedura / CentOS / RedHat versions:

http://www.if-not-true-then-false.com/2011/install-nginx-php-fpm-on-fedora-centos-red-hat-rhel/

To support WordPress I added the following line  into /etc/nginx/sites-enabled/acme.com.conf:

 

0

WordPress Update & Plugin Install Problems

Recently has a server that would not run WordPress updates or plugin installs no matter what I did. After extensive troubleshooting, it turned out the server had SELinux enabled which disallows outbound connections from Apache.

One useful tool in troubleshooting update problems is the Background Update Tester plugin:

http://wordpress.org/plugins/background-update-tester/

It gives some extra detail on why updates can’t run.

 

 

0