As I recently mentioned, my site has been under a Distributed Brute Force attack. I did a little research and came up with [what I thought were] some reasonable countermeasures. As it turns out, what I’d hoped would be the most effective of the countermeasures is quickly being adapted to by the botnet(s) and is losing efficacy. So back to the drawing board I went. Now, I’m not a computer genius so I need to step back and think about this in a methodical way. I need to define things first. I need to define the situation and I need to define the desired outcome. This leaves me with a gap between the two for which I need to design a solution.
At a high level this is simple. Situation: “lots of baddies are trying to access my site’s admin area”; desired outcome: “no baddies can access my site’s admin area, only me”; solution: “stop the baddies from accessing my site’s admin area but still allow me there”.
Since I want to avoid wasting processing power even handling access requests by PHP/MySQL/WordPress [software], AND it’s not practical to generate a list of 90,000+ IPs to ban [firewall] (especially since I have to wait for them to attack before I know which IPs to ban), I am left with trying to stop them with Apache [webserver].