Publish: 2014-11-29 | Modify: 2014-11-29
Last week, after disabling Duoshuo, I started using the built-in comment system in WordPress. At some point, I suddenly received a large number of spam comments and continuous attempts to inject attacks (unfortunately, WordPress itself is very secure, so the injection attacks were completely ineffective).
The attacker's nickname was 8888, and the email was [email protected]. The attacks lasted for over half an hour, and I received more than 50 spam comments, all of which were injection attacks. At first, I thought it was a deliberate attack, so I directly blocked the IP, and the attacks stopped.
Later, through discussions with other users, I found out that I was not the only one facing this issue. It turns out that similar situations have happened to others as well. Some friends mentioned that it might be a simulated attack by 360 to check for vulnerabilities on websites. I checked the time when my website was being checked by 360 webmaster tools, and it perfectly matched the time of the attack. So it's reasonable to assume that it was a simulated attack by 360.
However, I have a question. 360 displayed that the check on my website only took about 4 minutes, but the simulated attack lasted for over half an hour (it stopped after I blocked the IP, so I don't know how long it would have continued if I hadn't blocked it). What the hell, 360? And they didn't even notify me that they were conducting a simulated attack on my website. This feels very unethical. Are they intentionally doing this and then asking users to use their XXX Website Defender?
If any of you have encountered similar situations, I recommend taking immediate protective measures. Please check out the article "How to Effectively Block WordPress Spam Comments" for more information.
I come from China and I am a freelancer. I specialize in Linux operations, PHP, Golang, and front-end development. I have developed open-source projects such as Zdir, ImgURL, CCAA, and OneNav.