> Botnet Attack Blocker wordpress plugin resources analysis

Botnet Attack Blocker wordpress plugin resources analysis

Download This Plugin
Download Elegant Themes
Name Botnet Attack Blocker
Version 1.9.1
Author Misha von Bennigsen
Rating 84
Last updated 2013-12-10 01:25:00
Downloads
16768
Download Plugins Speed Test plugin for Wordpress

Home page

Delta: 0%

Post page

Delta: 0%
Botnet Attack Blocker plugin has no negative impact on PageSpeed score.

Home page PageSpeed score has been degraded by 0%, while Post page PageSpeed score has been degraded by 0%

Botnet Attack Blocker plugin added 2 bytes of resources to the Home page and 29 bytes of resources to the sample Post page.

Botnet Attack Blocker plugin added 0 new host(s) to the Home page and 0 new host(s) to the sample Post page.

Botnet Attack Blocker plugins ads the following DB table(s) to your Wordpress blog database:
Table name Table size (in bytes)
wp_botnetblocker 1024
Resources Added (Post page)
Description

After the recent global distributed botnet attack on WordPress installations that took down servers and broke into admin accounts, I thought I'd write a plugin to prevent it happening again.

Distributed botnet attacks can come from multiple IP addresses and locations at the same time, so conventional IP-based lockouts are not effective (e.g. those found in Wordfence and other WordPress security plugins).

For example, if 1,000 different computers (with unique IP addresses) are trying to brute-force your admin password and you lock out each IP address after 5 incorrect attempts then you have still allowed 5,000 attempts. My plugin essentially ignores the different IP addresses and locks out all admin login attempts in a configurable way - so if you have it set to 5 failed attempts (default) then those 1,000 different computers will only have a total between them of 5 attempts.

You can select how many login failures causes the lockout, how much time to allow between failures, how long to block logins for and also you can input a whitelisted IP address (or multiple addresses separated with commas or spaces) which can bypass the lockdown and always log in - so you can still always get into your site even in the middle of an attack. Version 1.1 adds support for partial IP address matching for those with dynamic IP addresses.

  • Any failed login is counted regardless of username or IP address (unless whitelisted)
  • Once locked down, nobody can log in except from whitelisted IP addresses
  • You can specify the number of login failures that triggers a lockdown
  • You can specify the time between failed attempts that should be counted
  • You can specify how long the lockdown should last
  • You can add whitelisted IP addresses that bypass the lockdown
  • Partial IP address matching for dynamically-allocated IP addresses
  • Multisite compatible
  • Now available in French, German, Italian and Russian

Screenshots

Botnet Attack Blocker screenshot 1
Resources added by plugin to Home page/Post page in kB
Total size of resources for Home page/Post page in kB

0

896

0
Random Theme Tests
Foghorn screenshot

Foghorn

by: downstairsdev

  • Home page/Desktop: 97
  • Post page/Desktop: 95
  • Home page/Mobile: 91
  • Post page/Mobile: 89
42844
0%
Twilight Crown screenshot

Twilight Crown

by: Nitallica

  • Home page/Desktop: 96
  • Post page/Desktop: 95
  • Home page/Mobile: 90
  • Post page/Mobile: 89
24534
0%