Vanaf 1 december gaan de prijzen omhoog van een aantal TLDs, namelijk van .NL (8.25 Euro), .BE (9.45 Euro), .COM (16.75 Euro), .ORG (16.95 Euro), .BIZ (18.95 Euro), .INFO (19.99 Euro), .MOBI (22.95 EURO), .CLUB (17.95 Euro) en .ONLINE (32.50 Euro).
De redenen hiervoor zijn o.a. prijsverhogingen vanuit de verschillende registries, stijgende stroomkosten en inflatie kosten. De prijzen gaan dus vanaf 1 december in.
We herhalen het nog maar eens!
The bruteforce attacks against WordPress and Joomla login pages - as written here already: https://www.helpburo.eu/index.php?/News/NewsItem/View/67/massale-brute-force-pogingen-op-wordpress-sites - are getting worse all over the internet, not only on your server.
Even worse are the WordPress xmlrpc pingback attacks which are well known
since years - see here a description and also a solution to this
problem: http://perishablepress.com/wordpress-xmlrpc-pingback-vulnerability/
The problem is, that the attacks are coming from thousands of IPs in parallel, which even overloads those plug-ins. There exists currently only one solution:
1) Joomla installations
Use Plesk or DirectAdmin frontend to password-protect the directory /administrator of the Joomla installation
2) WordPress installations
For WordPress, we must password-protect the access to the file wp-login.php, as this one is opened directly by the attackers. This must be done manually:
a) create a .htpasswd file, either manually on the server or with an online tool like http://www.htaccesstools.com/htpasswd-generator/
b) place the .htpasswd file in the base directory of your WordPress installation
c) create in the base directory of your WordPress installation a .htaccess file with the following lines - if already a .htaccess file exists, add those lines to the absolute top of the file:
# Stop Apache from serving .ht* files
Order allow,deny
Deny from all
# Protect wp-login
AuthUserFile /YYYYY/.htpasswd
AuthName "Private access"
AuthType Basic
require user XXXXX
- replace the XXXXX with the username you used in the .htpasswd file.
- replace /YYYYY with the full path to your hosting directory, eg:
/var/www/vhosts/testdomain.nl/httpdocs/.htpasswd (Plesk style)
/home/user/domains/testdomain.nl/public_html/.htpasswd (DirectAdmin style)
For server owners:
THIS MUST BE DONE FOR ALL WORDPRESS OR JOOMLA INSTALLATIONS ON THE SERVER!