This is how some people trying to HACK my site.

[elmocando]

Can anyone please let me know how harmful those attacks were?

 

[RealHacker]

If i am not wrong, data in screenshot is not visible (pixelated). Please check.

 

[biscuit]

Your image is tiny. I can't help you without my glasses. Someone bring my glasses!

 

[elmocando]

If i am not wrong, data in screenshot is not visible (pixelated). Please check.

Please check now.

 

[elmocando]

Your image is tiny. I can't help you without my glasses. Someone bring my glasses!

Screenshot updated.

 

[RealHacker]

Can anyone please let me know how harmful those attacks were?

Would be better if you could provide more info like website technology stack, how are you tracking this info, whether using security plugin/system or not, which hosting you are using, how come these requests were blocked (503) so you have some security in place, etc.

In general these attacks happen on websites and are dangerous if website is not built keeping in mind security, not so-secured/popular hosting and good reputed security plugin or system.

These are intended to gain control on your website by gaining access to your database. Unique trait for these type of requests are very frequent + less difference between requests + different ips + most importanty - request uri has query params (which are main route to gaining unauthorized access to database ultimately your website.)

So yes its dangerous & harmful in a way they will get control of your website and will put up a message that website has been hacked - owner shall contact on this email, etc asking owner to pay to gain back access.

 

[biscuit]

With cloudflare you can JS Challenge countries that most of these attack come from. It's got a minimal impact on your users since it's an automated process.

 

[elmocando]

I am using Wordpress as CMS, Wordfence as security plugin and Litespeed Server (shared Hosting).
So you are saying that, they can access to my DB? How can I block DB access than?

 

[elmocando]

With cloudflare you can JS Challenge countries that most of these attack come from. It's got a minimal impact on your users since it's an automated process.

What if I just select BLOCK China as action instead of JS Challenge. Will this rule just block all chinese IPs'?

 

[mandar.diwate40]

Make sure that you use Cloudflare's Firewall Rules! They can either block or make it difficult for them to hack it!

 

[mandar.diwate40]

What if I just select BLOCK China as action instead of JS Challenge. Will this rule just block all chinese IPs'?

Just use Country Blocking via the Firewall Rule!

 

[elmocando]

Just use Country Blocking via the Firewall Rule!

I am just choosing BLOCK option in Firewall Rules, I don't need chinese visitors.

 

[RealHacker]

I am using Wordpress as CMS, Wordfence as security plugin and Litespeed Server (shared Hosting).
So you are saying that, they can access to my DB? How can I block DB access than?

Best way to know this is to google how to make your website/wordpress website secure & make up a list of everything and than implement/include them in your website.

Some of the important mentions are -
* Hosting - Popular/Secured/Reputed
* CDN - Popular/Secured/Reputed
* Wordpress Security Plugin (+ Firewall) - Popular/Reputed
* Themes & Plugins - Only Popular/Secured/HighlyRated/Reputed
* Not to use nulled plugins from unverified sources or not use them all
* & Many many more actually need to sit for this, their are hell lot of things you can do to secure your website

 

[biscuit]

there is no reason to block. 90% of bots will not pass a js challenge.

 

[elmocando]

Best way to know this is to google how to make your website/wordpress website secure & make up a list of everything and than implement/include them in your website.

Some of the important mentions are -
* Hosting - Popular/Secured/Reputed
* CDN - Popular/Secured/Reputed
* Wordpress Security Plugin (+ Firewall) - Popular/Reputed
* Themes & Plugins - Only Popular/Secured/HighlyRated/Reputed
* Not to use nulled plugins from unverified sources or not use them all
* & Many many more actually need to sit for this, their are hell lot of things you can do to secure your website

Wow.... Thank you.
I need to learn so many things now.
Cloudflare CDN I am using, Wordfence as Security plugin and Firewall is also Wordfence.
If you have any suggestions, please let me know.
At present I have just created Firewall Rules on Cloudflare and Blocked few countries.
Let see what will happen next.

 

[elmocando]

there is no reason to block. 90% of bots will not pass a js challenge.

Okay great.
I'll select JS Challenge than.

 

[mandar.diwate40]

Block Digital Ocean, Huawei Cloud, Linode, Vultr as ISP's too using Firewall rules. People seem to send a lot of useless traffic using these services.
A lot of people are using these services as they are cost-effective and give away a lot of FREE usage worth $100 or more.

 

[mandar.diwate40]

Here is a screenshot of how many people try to still access even when blocked since past 1 year. I have just shared a very small screenshot.

 

[elmocando]

Block Digital Ocean, Huawei Cloud, Linode, Vultr as ISP's too using Firewall rules. People seem to send a lot of useless traffic using these services.
A lot of people are using these services as they are cost-effective and give away a lot of FREE usage worth $100 or more.

Okay, I'll do it.
Thank you for the information.

 

[elmocando]

Here is a screenshot of how many people try to still access even when blocked since past 1 year. I have just shared a very small screenshot.

What is the solution than?
Is there any good firewall for wordpress?