Constant login attempts on port 443

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Post Reply
Amongthegums
Joomla! Intern
Joomla! Intern
Posts: 62
Joined: Wed Mar 04, 2015 6:22 am

Constant login attempts on port 443

Post by Amongthegums » Sun Jan 14, 2018 4:53 am

Hi

Among the security measures implemented on our site is "Admin Tools", which I have also used to geo block most eastern european countries, Ukraine, Georgia, Russia etc.. They were sources of mischief that have previous made my life a misery.

With the measures taken we got failed attempted login reports from Admin Tools down to a couple a day.

However, today I am seeing something different. Over the last 24 hours our backend is being hammered with (failed) attempted backend logins from IP addresses out of Georgia. Each attempt is being reported reaching https://ourdomain.org:443

Can someone enlighten me why these miscreants are using port 443 for the login?

And should I worry?

Thanks

User avatar
AMurray
Joomla! Virtuoso
Joomla! Virtuoso
Posts: 3905
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Constant login attempts on port 443

Post by AMurray » Sun Jan 14, 2018 7:52 am

It's probably automatic bots not "actual people" and it is because, I assume, your site is running with a SSL certificate, for which the HTTPS protocol uses Port 443 (if not for the whole site, then for the Administrator end). The normal protocol (HTTP) uses port 80).

What other security functions do you have in place e.g. 2-factor authentication, or other Admin Tools functions such as the administrator directory being password protected (htaccess) or the "secret key" function?
Regards,
--------------------------------------------------------------
A Murray
Millennium Falcon - it's the ship that made the Kessel run in less than 12 parsecs! The fastest hunk of junk in the galaxy.


Post Reply

Return to “Security in Joomla! 3.x”