Eu segui uma dica do @This email address is being protected from spambots. You need JavaScript enabled to view it. sobre usar o Wordfence no WordPress.  E realmente funciona legal barrando várias tentativas de ataques.

Eu dei uma olhada nos de força bruta e aqui estão os logins mais usados:


MariaDB [(none)]> select username, fail, inet6_ntoa(ip), UA from wp_wflogins into outfile 'ataques.csv';

> awk '{print $1}' ataques.csv | sort -n | uniq -c | sort -n
      1 -
      1 123123
      1 1234
      1 123456
      1 123456789
      1 443/wp-login.php
      1 aaa
      1 abcd1234
      1 admaster
      1 admin.
      1 AdMiN
      1 admin123
      1 admina
      1 admini
      1 administrators
      1 adminPeach
      1 adminwp
      1 admon
      1 Adsystem
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 ahmed
      1 alfons
      1 alireza
      1 anna
      1 arrow
      1 artsadd
      1 ask6776
      1 atarihost
      1 autonewsbot
      1 awen
      1 azaret
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 Beast3x
      1 beescleaning
      1 carpetsdubai
      1 Casper_Security
      1 catmeow
      1 chris
      1 christiane
      1 Christophe
      1 control
      1 cpolo
      1 dagon
      1 darcy56
      1 Darcy56
      1 dedi
      1 demilation
      1 DemoDemo
      1 demo_w1p
      1 devadmin
      1 dexter
      1 digilabs
      1 donaljkt9
      1 dummy_store_5
      1 editor
      1 ednabanaag
      1 eliasaf
      1 enamad
      1 eosuperadmin
      1 Fabien
      1 Farribeiro
      1 gestinet
      1 globalint
      1 goog
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 GP_Admin
      1 grupovhn
      1 gtfobiash
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 hopefox34
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 info
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 Ivan
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 jbalazs8178
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 john
      1 justin
      1 kinga
      1 kobieta
      1 kulturecom
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 lluis
      1 loafa
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 mainstream
      1 marina
      1 martinharvey
      1 Megusta
      1 microadmin
      1 miruku
      1 mohit
      1 monica
      1 mungmee
      1 MUWY
      1 ndvtzaifnz
      1 Nwildner
      1 oktay-dogangun
      1 options
      1 ovauser-admin
      1 PiSh3r
      1 protan
      1 qiang521
      1 quantri
      1 raeesa
      1 Rahul
      1 redtor
      1 richard
      1 Richard
      1 ridiz
      1 rikimoh39
      1 root
      1 rootadmin
      1 roottn
      1 rzu4bd
      1 sadminusez
      1 santi2
      1 senterprisys_admin
      1 SEOExpert
      1 seojiwo
      1 seomaster009
      1 shelby96
      1 Sion
      1 siteadmin
      1 smngrs952
      1 Support
      1 temp3
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 test3
      1 tester
      1 testionos
      1 tuanduongthe
      1 tuanpham
      1 upastra007
      1 Username
      1 Vikash
      1 voquanghuy
      1 wadmiine
      1 wdmgpvt
      1 webstone24
      1 webuser
      1 wpadmin
      1 WPADMIN
      1 w-padmine
      1 wp-admine
      1 wp-blog
      1 wp_developer
      1 wpengine
      1 wp_rest_api
      1 wpsystem
      1 wpupdate
      1 wuser
      1 wwwadm
      1 xcom
      1 xtw183870bbe
      1 xtw18387106f
      1 xtw1838711ab
      1 xtw183871206
      1 xtw183871550
      1 xtw183872fc0
      1 xtw18387331a
      1 xtw1838738ca
      1 xtw183873c09
      1 xtw183874283
      1 xtw183875328
      1 xtw1838754ba
      1 xtw18387596a
      1 xtw183875977
      1 xtw1838761a5
      1 xtw183876e88
      1 xtw18387757d
      1 xtw183877c79
      1 xtw183878b0d
      1 xtw18387958b
      1 xtw183879670
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 xtw18387a0c5
      1 xtw18387a9de
      1 xtw18387aa3b
      1 xtw18387adf8
      1 xtw18387c077
      1 xtw18387c339
      1 xtw18387d0aa
      1 xtw18387daad
      1 xtw18387e84d
      1 xtw18387e943
      1 xtw18387f29e
      1 xuanphong
      1 yanz
      1 zestful
      1 Zestful
      1 zokaroll
      2 12345678
      2 ac
      2 adminlin
      2 adminsup
      2 adminusez
      2 Auto
      2 bapaksaya
      2 burnolurko
      2 Clare
      2 francisunderwood
      2 greeceman
      2 happy
      2 hex
      2 hxq1879
      2 ismm
      2 jacquespermisdeconduire
      2 jatin
      2 jisuo
      2 lashkari
      2 maximixer789
      2 Nacht
      2 pajero_sports
      2 smngrs953
      2 smngrs955
      2 susan
      2 swilliams
      2 testuser
      2 thuylt
      2 wadmines
      2 This email address is being protected from spambots. You need JavaScript enabled to view it.
      2 wiktorB
      2 woopayplug
      2 wordpress_admin_bak
      2 wordpress_administratora
      2 wordpressauto
      2 wp
      2 wpenginesupport
      2 wpmanager
      2 wp_postadmin
      2 wpuser
      2 x
      2 xrumertest
      2 xtw1838729c0
      2 xtw18387754d
      2 yanz@123457
      2 yeuthuongmongmanh
      2 zadminz
      2 zutodoko
      2 This email address is being protected from spambots. You need JavaScript enabled to view it.
      3 admim
      3 admin1
      3 admin6
      3 admingusar
      3 bimak73555
      3 Chris
      3 demo
      3 This email address is being protected from spambots. You need JavaScript enabled to view it.
      3 mevivu
      3 qwee123123
      3 Reseller-webmaster
      3 talhas
      3 test1
      3 wadmine
      4 1001010
      4 andremachado
      4 crander
      4 hostingadmin
      4 matakucing3
      4 patola
      4 server
      4 stender
      4 username
      4 wordcamp
      4 wordpress_administrator
      5 administratoir
      5 administrator
      5 This email address is being protected from spambots. You need JavaScript enabled to view it.
      5 excontrol
      5 itsme
      5 support
      5 user
      5 wpadmins
      5 wpcore
      6 smngrs951
      7 nwildner
      7 paulomartins
     11 test
     12 farribeiro
     18 Admin
     19 wadminw
     28 wwwadmin
     54 linux-br
    151 df7c8c98dfd88d9dfad
   1270 admin

Realmente alguns logins existem e devem estar assinados nas páginas.  Mas o restante é estilo Forrest Gump correndo de um lado pro outro atravessando os Estados Unidos sem saber o porquê.

We use cookies

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.