I am getting some unexpected request from multiple ip address at a time from last few day. I installed a wordpress site on my server and they people hitting on my wp-login.php page, In log file I saw something like...
Blo [05/Jun/2015:06:19:14 +0200] "POST /wp-login.php HTTP/1.0" 503 2966 "-" "hjelp.tips-info.com" "-"
Then I the change the permission of this file. But I still getting some message in error log file. They people still sending some post request on that file(wp-login.php) and it returned 404 error. Is there something worried? I don't know.
Is my server getting slow for processing those bad request? this request come from multiple ip address, so I can't block those ip.
For php, there's one quick solution I have. Try to put IP range or specific IP to block.
Not tested but it will work I feel. You might need to make alterations as well for your suitable requirements.
public static function isIpInRange($ip,$rangeArray){
foreach ($rangeArray as $ipOrRange) {
if(is_array($ipOrRange)){
//If $ipOrRange is array then it must be range where 0th element is min range and 1st element is max range
$min = ip2long($ipOrRange[0]);
$max = ip2long($ipOrRange[1]);
if ((ip2long($ip) >= $min) && (ip2long($ip) <= $max)){
return true;
}
}elseif($ip==$ipOrRange){
return true;
}
}
return false;
}
Hope that helps!!