“The logs are showing that one of my sites is having repeated break-in attempts averaging 14 per minute for the past few hours.”
14 attacks per minute is a low level attack. A high level attack would be 100 login attempts per second (not minute). These days Brute Force Login attacks are a constant thing that go on all day, every day – 24x7x365.
1. Yep, that is a blocked Brute Force Login attempt.
2. You cannot stop hackers and spammers from trying and can only stop them from succeeding. 😉
An analogy for question #2 would be something like this: A Sniper (hacker) is shooting at you, but you are in an armored vehicle so the bullets are stopped by the armored vehicle (BPS Pro). You could of course radio in for an air strike to take out the Sniper, but other than that you cannot really stop the Sniper from shooting at you.
3. Just means that that particular attack is a POST attack vs a GET attack. GET attacks are more common than POST attacks.
4. The general idea is BPS blocked and logged the blocked attack so there is nothing else that needs to be done by you. If something legitimate was being blocked then you would need to create a whitelist rule to allow/whitelist whatever that is so it is no longer being blocked. Obviously you do not want to whitelist a hacker or spammer attack. 😉
-
This reply was modified 8 hours, 32 minutes ago by
AITpro Admin.
