Question
Digital Ocean Ips hacking my site searching for wp-login from a various ip list of digital ocean
Hello Digital Ocean,
From last several days a list of various digital ocean ips are giving hits on my dedicated server on page wp-login.php, xmlrpc.php & other pages and the site is not using wordpress at all.
Ips:
162.243.162.24
46.101.18.90
165.227.56.183 # Manually denied: 165.227.56.183 (US/United States/zig-crw-1504255563.1212) - Fri Sep 1 09:00:26 2017
67.207.92.28 # Manually denied: 67.207.92.28 (US/United States/zig-crw-1504245325.2423) - Fri Sep 1 06:48:23 2017
107.170.192.92 # Manually denied: 107.170.192.92 (US/United States/zig-crw-1504248742.2716) - Fri Sep 1 07:04:40 2017
165.227.92.100 # Manually denied: 165.227.92.100 (US/United States/zig-crw-1504248723.4785) - Fri Sep 1 07:05:11 2017
46.101.14.54 # Manually denied: 46.101.14.54 (GB/United Kingdom/zig-crw-1504241902.2201) - Fri Sep 1 05:06:38 2017
139.59.7.252 # Manually denied: 139.59.7.252 (IN/India/zig-crw-1504118782.3618) - Wed Aug 30 19:40:31 2017
165.227.22.75 # lfd: (CT) IP 165.227.22.75 (US/United States/zig-crw-1503821044.0411) found to have 116 connections - Sun Aug 27 08:06:52 2017
139.59.187.99 # lfd: (CT) IP 139.59.187.99 (GB/United Kingdom/zig-crw-1503821222.4455) found to have 136 connections - Sun Aug 27 08:09:51 2017
162.243.158.65 # lfd: (CT) IP 162.243.158.65 (US/United States/zig-crw-1503763082.6025) found to have 161 connections - Sat Aug 26 16:00:52 2017
192.241.198.212 # lfd: (CT) IP 192.241.198.212 (US/United States/zig-crw-1503687843.4358) found to have 108 connections - Fri Aug 25 19:08:11 2017
165.227.82.201 # lfd: (CT) IP 165.227.82.201 (US/United States/zig-crw-1503667083.6006) found to have 110 connections - Fri Aug 25 13:20:38 2017
165.227.107.27 # lfd: (CT) IP 165.227.107.27 (US/United States/zig-crw-1503673923.1553) found to have 140 connections - Fri Aug 25 15:15:48 2017
165.227.63.223 # lfd: (CT) IP 165.227.63.223 (US/United States/zig-crw-1503674163.4507) found to have 130 connections - Fri Aug 25 15:20:47 2017
138.68.176.30 # lfd: (CT) IP 138.68.176.30 (GB/United Kingdom/zig-crw-1503656823.1317) found to have 150 connections - Fri Aug 25 10:31:32 2017
139.59.84.110 # lfd: (CT) IP 139.59.84.110 (IN/India/zig-crw-1503657063.4773) found to have 130 connections - Fri Aug 25 10:36:04 2017
139.59.125.16 # Manually denied: 139.59.125.16 (SG/Singapore/zig-crw-1503660483.0719) - Fri Aug 25 11:35:44 2017
107.170.250.139 # lfd: (CT) IP 107.170.250.139 (US/United States/zig-crw-1503653404.3782) found to have 140 connections - Fri Aug 25 09:31:59 2017
and more..
This is making site to go offline and a huge load on server and every time a new ip attacks and all these ips belongs to you.
Please have a look into this.
Thanks & Regards.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×