Support

 Good Afternoon,

I'm wondering if there is a way to block attempts to access Wordpress admin URL's via Admintools? As I'm sure most sites do, we experience a lot of hack attempts to wp-admin and similar URL's. I figured it might be a good idea to just block those attempts outright, assuming it's possible in the component.

Our Admin Tools program is only for Joomla!. The architecture of WordPress makes it very difficult to secure so at this time we have elected not to produce Admin Tools for WordPress.

Right, I know that. I use Admintools on Joomla. Just because I use Joomla doesn't stop potential hack attempts that are directed at Wordpress sites. In other words, I see a ton of 404's daily for attempts made on /wp-admin, even though I don't use WP. I'm just asking if there is a way to block/ban an IP based on an attempt on my domain based on the URL they are trying to access.

Ah, that's a whole different question. The goal of security is to make sure they don't succeed, they are never going to log into your Joomla! site with a WordPress admin URL.

The only thing I can think of is to redirect the WordPress URL to an address in /administrator. That would trigger a security exception and allow you to auto ban the IP. But that sounds like a really bad idea. If they hammer the WordPress URL as a DoS attack, the redirect will amplify the attack. You're better off just leaving them alone. Hackers don't use their own IP addresses, so you aren't actually banning their IP. They use compromised computers, probably using dynamic IP addresses or open proxy servers. One gets blocked, they just move to the next one in the collection.

Understood. Thanks for the fast reply!

You're welcome!

This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.