Attacked Part III – Moved It To Blogspot

UPDATE on Jill’s blog. To recap, Jill’s personal finance blog was suffering a denial of service (DoS) brought about by a brute force attack. A brute force attack is when the website is made so busy trying to serve pages that it essentially hangs.

After I backed up the site and made it run on my laptop, I went to work. Brute force can be done in multiple ways, and slowly I started to fix issue after issue. I was careful not to overdo it because I wanted to know exactly how the site was being attacked via trial and error. First I started to protect WordPress essential files and placed captchas. When that didn’t work, I stopped wp-cron.php. When that didn’t work, I installed a high-end plugin that hid system pages even more and stopped certain procedures altogether that were not essential. After that I finally cloudflared my DNS to block and document attacks. I was working with my US host to fix the issue and overall we traded close to 30 emails.

Continue reading “Attacked Part III – Moved It To Blogspot”

Attacked Part II

So I’ve confirmed that Jill’s site is going through a brute-force attack. A brute force attack is software that does two things: 1. keeps trying to guess a password and 2. ties up the login page of the website, disallowing anything else. Think of yourself as a bad guy and you do not want people to call the police. While you cannot destroy the phone system, you can instead keep calling the police’s phone so when anyone tries to call them they keep getting a busy signal, effectively disabling it.

Continue reading “Attacked Part II”

Attacked

So Jill’s personal finance website may or may not have been hacked. I say ‘may have been’ because server logs showed classic hack signs such as brute-forcing wp-login.php and wp-admin.php, the key WordPress files to try and access the dashboard.

For a site that gets fewer than 200 visits a day, that’s suspicious. Most random-type hacks try to access every possible file, but in this case it seemed very specific.

Continue reading “Attacked”

The ‘SMS As A Recovery Option For Any Of Your Online Accounts Is A Bad Idea’ Viral Post

There is a popular post on FB making the rounds regarding a Mr. Ian Caballero and his recent unfortunate incident with Globe Telecoms. To summarize, his postpaid Globe SIM was replaced (copied) without his authorization. The only time you would usually allow this is when you lose your SIM or it is unusable for some reason.

To make matters worse, his mobile number is used as a factor for recovering passwords to his email accounts, which he in turn uses to do his banking with. These were quickly taken advantage of, as he received a notice from his bank that a fund transfer occurred sending money from his account to another bank for P48,000.00.

Suffice it to say, Mr. Caballero was having a really really REALLY bad day.

Continue reading “The ‘SMS As A Recovery Option For Any Of Your Online Accounts Is A Bad Idea’ Viral Post”

How To Detect A Phish

Yesterday I received this email supposedly from GoDaddy, a domain registrar I occasionally use. It says ‘Your account contains more than 3259 directories and may pose a potential performance risk to the server. Please reduce the number of directories for your account to prevent possible account deactivation’.

It is followed by a convenient link to where I should log in and fix the issue.

Continue reading “How To Detect A Phish”

RRW’s Heartbleed Defense

To say that the Heartbleed issue has shaken me up is an understatement. It is in fact so serious as to make me start questioning the open source model of trust and distribution per se, even if I have been a great believer since I learned of it – but that is a topic for another post.

Today I just wanted to share RRW’s excellent post about Heartbleed, where they have excellent tips such as:

Step 1: Make A List Of Important Sites And Accounts
Step 2: Check Which Apps or Sites Are Vulnerable To Heartbleed
Step 3: Change Your Passwords

Continue reading “RRW’s Heartbleed Defense”