It’s not been uncommon for me to get messages from my security plugin that someone has tried to access the administrative aspects of my blog. For a couple years now, I used a plugin that would lock someone out for a couple hours after two failed logins and for three days after four. Even though it’s worked well, I installed a new security plugin over the weekend that included that feature along with its more straightforward security elements. It, too, sends an email when someone is locked out. I love the new plugin but I clearly wasn’t paying attention when I set it up.
From about 10:30 last night until about 9 this morning, it notified me 663 times that someone had been locked out from the blog. Most of the IP addresses were in Russia, Ukraine or Belarus, although I’m guessing even most of those are spoofed. But why this onslaught?
Turns out that when I set the options for the new plugin, a person was locked out from trying again for just five minutes. Thus, someone using an automated approach could try and try — and try and try and try and try and try and try. When I figured out what was going on, I increased the lockout setting by well more than 1,000 percent. The new plugin also allows me to specify user names that are immediately blocked. Haven’t had a lockout notice since.
Look, I know I haven’t posted much this summer but if this person were interested in posting, it would have been a lot easier for them to just send me an email offering to contribute. Of course, his or her real interest was wreaking havoc on an infinitesimal speck of the Interwebz or as a launching pad for something nefarious.
The Internet is the crime scene of the 21st century.
Cyrus R. Vance Jr.