I Guess if I Could Use a Fire Hose I’d Use It
March 11th, 2009 | 
Author: The great thing about the new WordPress Firewall plugin by SEOEGGHEAD is that you are notified by email each time someone tries an SQL injection or other attack on your blog. What an eye opener these emails have been.
Last night, Wednesday, March 11 at 1:11 AM EDST six, yes SIX, different attempts were made to hack into my blog from IP address 58.241.255.38. The hacker was focusing his/her attention on one particular plugin. Just in case there is a vulnerability I’ll notify the plugin author of the occurrence and not mention the plugin here and I would be happy to share the information with WordPress.
According to the IP look up at seoegghead.com the IP is from Nanjoing, Jiansu, China.
I’m bummed. I’ve never been disrespectful to our Chinese friends. Why anyone would want to hack into an unemployed American citizen’s blog is beyond me. I’m just thankful for this new plugin. Perhaps if I could use a fire hose I’d use it. Knock it off please.
Enjoy the read? Support DougWeb with coffee money ;) Sphere: Related ContentRelated DougWeb posts:
- New SQL Injection Attack Detected at DougWeb The Firewall plugin detected two injection attempts last Friday, April...
- Bitlybot Scanning WordPress Admin I added the Twitter Tools plugin to a few of...
- WordPress Plugin: Psychic Search The Psychic Search plugin from MaxBlogPress is a unique tool...
- WordPress 2.7 Upgrade Anomaly I have no Admin menus and I do not know...
- WordPress Automatic Upgrade at Network Solutions Near as I can tell when you use the Network...
- My Favorite WordPress Plugins In support of Plugin Developer’s Day I list my favorite...
Related posts brought to you by Yet Another Related Posts Plugin.
Posted in 
Tags: 
This same IP recently attempted numerous SQL injection attacks again but on another WordPress blog I own focusing on plugins, data entry screens and so on. The SEOEGGHEAD firewall plugin blocked each attack attempt and emailed me the strings.
Just to let the owner of the IP know that I am aware of the attacks I emailed the email address responsible for the IP in China and simply asked them to look into it. I heard no response and don't expect to.
I'm starting to see Google searches for this IP address so I am assuming other blogs are also being attacked.
Does there need to be a place where blog owners can report security problems and hack attempts? Does there need to be a place that captures this information and shares it with police and cyber investigators of other government? It seems odd that there is nothing a blog owner can do when attacks happen. Local police don't have the resources and the federal agencies seem to have their hands full with more serious matters. To me these attacks may be indicative of problems to come or might even shed light on some investigation in progress somewhere. The world will never know however because there is no one to share it with. The bad guys obviously know this and keep trying to hack into blogs.
All anyone can do at the moment is block 58.241.255.38. and keep their fingers crossed a vulnerability isn't found by the cyber punks.