socom

bot trying to hack back end


We are getting a constant issue with bots trying to hack our admin section with passwords.

Is there a way to sort this?

We are getting lists and lists of failed login attempts?


Is a .htaccess file, in your admin directory, set up with:

AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /***/***/***/htpasswd
Require valid-user
Order Deny,Allow
Deny from all
Allow from 'Your IP address'

and has your admin directory been renamed to something random?

Mike


Thank you. Problem is, one of our locations is not on a static IP. Is there a way to work around this?


If your admin has not been renamed, as mentioned by @Mikepothen, that is allowing the hackers to find your admin. If they can't find it, they can't try to hack into it. That won't stop them from trying, of course. If you install View counter and add the admin trap code, that will stop them. If you are using a new version of osCommerce, you can look in the action recorder module to find the IPs of those trying to log in so that they can be blocked.

3 hours ago, socom said:

Problem is, one of our locations is not on a static IP. Is there a way to work around this?

Always best to have a static IP. Only a small extra in cost. If not, you will have to edit your .htaccess file every time the IP changes.

Question, are you running on a self-hosted machine? If yes, then I hope not a PC!!

I would recommend View counter as suggested by @Jack_mcs

 


Apache changed how the access is written for 2.4, and I ran into a problem within the last 12 months or so with the old format causing an issue. Even if you don't put the IP address, you can still use cPanel or the like to create a password protect. Then you can modify it. You can just put the beginning of your IP address like below. This works for Apache 2.4 and is a little different than older. This way the IP has to begin with 123.123, and that stops most of the world. You still have to have a valid user/password.

RewriteEngine on
SSLRequireSSL
AuthType Basic
AuthUserFile "/home/myname/.htpasswds/public_html/allrenamed/passwd"
AuthName "Restricted"
<RequireAll>
        Require valid-user
        Require ip 123.123
</RequireAll>

 


I'm not really a dog.
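
Added example (not posted by anyone in this thread): one way to act on the suggestions above to find the IPs behind the failed logins and block them, by counting 401 responses per client in an Apache access log and emitting Apache 2.4 `Require not ip` lines. The log lines are constructed, and the `/allrenamed/` admin path and the threshold of 3 are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in Apache "combined" log format (documentation-range IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2019:04:11:02 +0000] "GET /allrenamed/ HTTP/1.1" 401 381 "-" "-"
203.0.113.7 - admin [10/Mar/2019:04:11:03 +0000] "GET /allrenamed/ HTTP/1.1" 401 381 "-" "-"
203.0.113.7 - root [10/Mar/2019:04:11:04 +0000] "GET /allrenamed/ HTTP/1.1" 401 381 "-" "-"
203.0.113.7 - test [10/Mar/2019:04:11:05 +0000] "GET /allrenamed/ HTTP/1.1" 401 381 "-" "-"
198.51.100.23 - - [10/Mar/2019:09:30:00 +0000] "GET /allrenamed/ HTTP/1.1" 401 381 "-" "Mozilla/5.0"
198.51.100.23 - owner [10/Mar/2019:09:30:08 +0000] "GET /allrenamed/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.50 - - [10/Mar/2019:10:00:00 +0000] "GET /private/ HTTP/1.1" 401 381 "-" "-"
"""

# Client address, request path and response status of one combined-format line.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def failed_auth_by_ip(log_text, admin_prefix):
    """Count 401 (failed Basic auth) responses per client IP under admin_prefix."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["status"] != "401" or not m["path"].startswith(admin_prefix):
            continue
        try:
            ipaddress.ip_address(m["ip"])  # never copy unvalidated log text into config
        except ValueError:
            continue
        counts[m["ip"]] += 1
    return counts

def deny_block(counts, threshold):
    """Return (offenders, Apache 2.4 block) for IPs with >= threshold failures."""
    # A browser's first request to a Basic-auth area always gets a 401 before it
    # prompts for credentials, so the threshold must be above 1 to spare real users.
    offenders = sorted(ip for ip, n in counts.items() if n >= threshold)
    lines = ["<RequireAll>", "    Require valid-user"]
    lines += [f"    Require not ip {ip}" for ip in offenders]
    lines.append("</RequireAll>")
    return offenders, "\n".join(lines)

if __name__ == "__main__":
    counts = failed_auth_by_ip(SAMPLE_LOG, "/allrenamed/")  # assumed admin path
    print(deny_block(counts, threshold=3)[1])
```

The generated block still requires a valid user and can be used where a fixed `Require ip` prefix is not possible because one location has a changing address.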
