So for the last month, my server has been getting attacked. Nothing has gotten through, but I get emails every time someone tries to hack either my site or my server.
Almost all the attacks have been based out of China, so I gotta ask, WTF, China?
It isn’t like these are awesome hack attempts either; most have been common WordPress exploits, port scanning, and brute force attacks. I even had one try to claim to be the hosting company (which they got the name wrong :-/) via email. Since I work for the hosting company I host with, I laughed, looked at my mail logs, and again, it was a Chinese IP address that sent the email.
Now please keep in mind I do have a few scripts in place to add an extra layer of protection to my server, but for the most part, what has caught the hack attempts has been two off-the-shelf applications.
First, SecureLive’s SecurePress protects my blog. I have posted about it before and I stand by that it is an awesome piece of software, and well worth the price. (In the last month over 100 emails have been sent to me about someone attempting to exploit/hack my site.)
Second, I have a firewall installed and I make use of a brute force detection script to protect my server from brute force attempts. I tend to use APF and BFD (found at rfxn.com under projects) as I like them better than some of the alternatives. That is just me, your mileage may vary.
Between the two of those and a few scripts I have put in place (including my Perl DoS Reject Script, found on my projects page), I have blocked over 500 malicious attacks to my server in the last month.
Granted, the malicious attempts most likely wouldn’t have succeeded in doing anything on/to my server, but why risk it?