Constant login attempts on port 443

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Amongthegums
Joomla! Apprentice
Joomla! Apprentice
Posts: 49
Joined: Wed Mar 04, 2015 6:22 am

Constant login attempts on port 443

Postby Amongthegums » Sun Jan 14, 2018 4:53 am

Hi

Among the security measures implemented on our site is "Admin Tools", which I have also used to geo block most eastern european countries, Ukraine, Georgia, Russia etc.. They were sources of mischief that have previous made my life a misery.

With the measures taken we got failed attempted login reports from Admin Tools down to a couple a day.

However, today I am seeing something different. Over the last 24 hours our backend is being hammered with (failed) attempted backend logins from IP addresses out of Georgia. Each attempt is being reported reaching https://ourdomain.org:443

Can someone enlighten me why these miscreants are using port 443 for the login?

And should I worry?

Thanks

User avatar
AMurray
Joomla! Virtuoso
Joomla! Virtuoso
Posts: 3470
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Constant login attempts on port 443

Postby AMurray » Sun Jan 14, 2018 7:52 am

It's probably automatic bots not "actual people" and it is because, I assume, your site is running with a SSL certificate, for which the HTTPS protocol uses Port 443 (if not for the whole site, then for the Administrator end). The normal protocol (HTTP) uses port 80).

What other security functions do you have in place e.g. 2-factor authentication, or other Admin Tools functions such as the administrator directory being password protected (htaccess) or the "secret key" function?
Regards,
--------------------------------------------------------------
A Murray
Millennium Falcon - it's the ship that made the Kessel run in less than 12 parsecs! The fastest hunk of junk in the galaxy.


Return to “Security in Joomla! 3.x”

Who is online

Users browsing this forum: No registered users and 4 guests