HackDig : Dig high-quality web security articles for hacker

Do you really know who’s visiting your website?

2015-05-08 15:00
Do you really know who’s visiting your website?

Posted by on May 8, 2015.

We live in the world of Analytics where words like “Big Data” are everywhere to be seen.

But, are you really sure that the visitors of your website or blog are really interested in your content?

A few years ago, maybe… But now, the cybercriminals, or more exactly their bots, are trying to gain access to your website to serve their own content to your visitors.

How do we know that?

There are many ways to find that out, but the simplest ones are:

– install a web application firewall

If you have WordPress, you might want to try one of the “firewalls” that are available for free.

You will be astonished to see that a lot of the visitors try to login into your WordPress.

I wrote back in 2013 an article describing the anatomy of a live attack from China on a WordPress blog.

On a period of 2 days:

  • ~90% of the traffic was Spiders, Bots, Crawlers from Google, Baidu,
  • ~8% of the traffic were attempts to register an account like the one below:
  • ~2% were real visitors

All this happened because the website was pretty good indexed and it had a good domain name (IT Security News).

– Keep an eye on WordPress’ statistics

The situation improved a bit now, because WordPress took stance and rejects now all login attempts from “known” IPs.

This is how it looks now (period of a few months since I reset the statistics):

loginattempts

The blocked malicious login increases with about 100 attempts per day.

Unfortunately, you don’t see these things using services like Google Analytics or even WordPress’ own JetPack statistics.

You just see visitors if you look at the top level statistics…

analytics

Only if you dive deeper in the stats, you can see that many visitors – the vast majority if you are under attack or your site is being indexed by spiders and robots, will stop at the Home level. They don’t go further as they are satisfied by the meta keywords of the website, which are usually found in every page, including the Home page.

 

What can you do?

Well, the first thing to think about is if you want to do something about it. If you block spiders and robots, you will no longer be found by search engines. You probably don’t want this.

You can block however, malicious login attempts. There are tips how to harden WordPress. More or less the same applies to other platforms.

Or you can install a firewall plugin for WordPress and configure it to block the IPs which attempt to apply brute force.

 

 

Sorin Mustaca, CSSLP, Security+, Project+

www.sorinmustaca.com


Source: /etisbew-ruoy-gnitisiv-sohw-wonk-yllaer-uoy-od/50/5102/ku.oc.ytirucesti

Read:3268 | Comments:0 | Tags:Sorin Mustaca analytics bots crawlers login spiders Web Word

“Do you really know who’s visiting your website?”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud