OpenCart Community

OpenCart Community Forum - Discuss shopping cart and e-commerce solutions.
https://forum.opencart.com/

brute force attack on /admin

https://forum.opencart.com/viewtopic.php?t=221873

Page 2 of 2

Re: brute force attack on /admin

Posted: Mon Oct 25, 2021 8:56 pm
by JNeuhoff
Further to this, we tweaked the Bitninja settings as follows:

enabled the 400112 (anti POST) WAF rule
enabled the URL captcha feature on /admin/

And that seems to result in a 100% rejection rate of this particular bruteforce attacker!

Re: brute force attack on /admin

Posted: Mon Oct 25, 2021 9:32 pm
by straightlight
Most configurations seem to be server-related nowadays to protect the stores ...

Re: brute force attack on /admin

Posted: Mon Oct 25, 2021 10:32 pm
by OSWorX
straightlight wrote:
Mon Oct 25, 2021 9:32 pm
 Most configurations seem to be server-related nowadays to protect the stores ...
Which "configurations" do you mean?

Re: brute force attack on /admin

Posted: Mon Oct 25, 2021 11:08 pm
by straightlight
OSWorX wrote:
Mon Oct 25, 2021 10:32 pm
straightlight wrote:
Mon Oct 25, 2021 9:32 pm
 Most configurations seem to be server-related nowadays to protect the stores ...
Which "configurations" do you mean?
I replied to the previous post. Should of been quoted but I was just following on this. Looks like it's a third-party tool, however.

Re: brute force attack on /admin

Posted: Mon Oct 25, 2021 11:36 pm
by OSWorX
straightlight wrote:
Mon Oct 25, 2021 11:08 pm
OSWorX wrote:
Mon Oct 25, 2021 10:32 pm
straightlight wrote:
Mon Oct 25, 2021 9:32 pm
 Most configurations seem to be server-related nowadays to protect the stores ...
Which "configurations" do you mean?
I replied to the previous post. Should of been quoted but I was just following on this. Looks like it's a third-party tool, however.
Congratulations to your post # 20.000 ..
And how many of them are useless?

Re: brute force attack on /admin

Posted: Mon Oct 25, 2021 11:44 pm
by straightlight
OSWorX wrote:
Mon Oct 25, 2021 11:36 pm
straightlight wrote:
Mon Oct 25, 2021 11:08 pm
OSWorX wrote:
Mon Oct 25, 2021 10:32 pm

Which "configurations" do you mean?
I replied to the previous post. Should of been quoted but I was just following on this. Looks like it's a third-party tool, however.
Congratulations to your post # 20.000 ..
And how many of them are useless?
Only from those who believes.

Re: brute force attack on /admin

Posted: Tue Oct 26, 2021 12:09 am
by Cue4cheap
OSWorX wrote:
Mon Oct 25, 2021 11:36 pm
straightlight wrote:
Mon Oct 25, 2021 11:08 pm
OSWorX wrote:
Mon Oct 25, 2021 10:32 pm

Which "configurations" do you mean?
I replied to the previous post. Should of been quoted but I was just following on this. Looks like it's a third-party tool, however.
Congratulations to your post # 20.000 ..
And how many of them are useless?
LOL
Exactly.

Re: brute force attack on /admin

Posted: Tue Oct 26, 2021 3:45 am
by cyclops12
Cue4cheap wrote:
Tue Oct 26, 2021 12:09 am
OSWorX wrote:
Mon Oct 25, 2021 11:36 pm
straightlight wrote:
Mon Oct 25, 2021 11:08 pm

I replied to the previous post. Should of been quoted but I was just following on this. Looks like it's a third-party tool, however.
Congratulations to your post # 20.000 ..
And how many of them are useless?
LOL
Exactly.
:laugh: :laugh: :laugh: :laugh:

Re: brute force attack on /admin

Posted: Fri Nov 05, 2021 3:44 am
by messor
1 Use strong password
2 Change all default login like admin/support
3 Change default admin path
4 install some security plugin like https://www.opencart.com/index.php?rout ... n_id=42800
All times are UTC+08:00
Page 2 of 2
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/