[pmwiki-users] Under attack

Carlos AB cabsec.pmwiki at gmail.com
Sat Mar 9 09:46:58 CST 2013


Hi List,

I believe I am under a heavy password brute-force attack. The password is
really long and difficult to guess, so they will stay there for a while
trying to guess it.

The thing which is really annoying is that I get error messages every
time they try to brute force my site (it is not the first time though).

I don't use authuser so it is just one form field in the login action, to
send the password back to the site.

I have some recipes enabled, some are my own recipes.

The error messages are like this:

[01-Mar-2013 07:09:12 UTC] PHP Warning:  Cannot modify header information -
headers already sent by (output started at ../public_html/pmwiki.php:2067)
in /home2/codexwik/public_html/scripts/author.php on line 25
[01-Mar-2013 07:09:12 UTC] PHP Warning:  Cannot modify header information -
headers already sent by (output started at ../public_html/pmwiki.php:2067)
in /home2/codexwik/public_html/pmwiki.php on line 1176
[13-Nov-2012 21:02:25 UTC] PHP Warning:  Cannot modify header information -
headers already sent by (output started at ../public_html/pmwiki.php:2067)
in /home2/codexwik/public_html/scripts/feeds.php on line 258

and lots of these:

[26-Feb-2013 16:28:32 UTC] PHP Warning:  Unknown: Failed to write session
data (files). Please verify that the current setting of session.save_path
is correct (/tmp) in Unknown on line 0

I already looked at the lines inside each script referenced above and the
error appears always when the header function gets used.

I want to trap the attacker's attempts and I have some ideas, but they are
not so good.

If you guys can give me some advice, I'll be more than happy to listen and
follow.

Regards,

CarlosAB

----
Codex - Educação sobre tecnologias web
http://codex.wiki.br/