For the last couple of weeks I’ve been checking up on the website and finding out that things are running slowly or just not working.  I would usually just restart the web server and the database and things would go back to normal.  Today I decided to look into the problem.

I checked the logs and it seems like much or most of the traffic to has come from three IP addresses that have been trying to exploit a weakness in WordPress.  I blocked access to the file they’ve been trying to exploit, I blocked all traffic from their IP addresses, and I sent nastygrams to their ISPs.  I saw that a few other people were trying to access the admin page, but whatever.

Now I’m not claiming to be some leet white-hat professional here, but it did feel good to shut down a few script kiddies.  If I keep seeing people doing this, I might have to actually learn something about security.