[modx]

Hi, sorry if I ask a question here but it is also with regards to adding a Send Private Message button/link.

I would like to add it on the user profile. For example when a user views my profile, he/she can send me a private message through my profile page.

Any help is greatly appreciated. Thank you!

[modx]

@djsteveb – Will try to do a clean install again. I’m thinking of setting up everything locally first, then upload all at once on the sites public directory. I don’t know though, if it works by not using Softaculous from cPanel and just manually uploading.

Anyway again thanks for the helpful tips I appreciate it. I have already took note and it will be really handy.

[modx]

I wonder if I do a clean install again though. If the same thing happens then maybe the backend is infected or something. I’m not really knowledgeable with this stuffs, I just want my site to run as normal as possible.

[modx]

@djsteveb – I think it’s not only with login attempts, but posts that are being forcefully being posted, BP Members, Groups, and Activity being accessed and I am only seeing one username of rogeliomackie. iThemes Security log shows site URLs that doesn’t even exist yet on my website, and these activities are happening here. Most of these URLs are from BuddyPress generated pages which I removed asap after installing the plugin, so I am wondering.

I agree that not only WordPress but other CMS and websites gets unwanted visitors daily. One of my concerns too is bandwidth usage, 2 days and it’s already around 800MB and the max is only 48 GB. I know pages are being indexed but it just feels abnormal. What if my site got a lot of users and these unwanted activities happen at the background, I’m thinking that the site will get unimaginably slow.

As the site aim is for a community that can submit video links and automatically get posted, I am looking into adding Captcha and other security measures specially integrating security to BuddyPress pages like Registration. I haven’t seen a Login page generated though.

Thanks for the tips and advice I appreciate it.

[modx]

I am trying to add this

RewriteCond %{REMOTE_ADDR} ^212.100.254.105$
RewriteCond %{HTTP_USER_AGENT} Yandex
RewriteCond %{HTTP_USER_AGENT} ^Baiduspider [NC,OR”
RewriteCond %{HTTP_USER_AGENT} ^Sogou
RewriteRule ^.*$ – [F”

on htaccess but not sure where as I get inter error when I do it like this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteCond %{REMOTE_ADDR} ^212.100.254.105$
RewriteCond %{HTTP_USER_AGENT} Yandex
RewriteCond %{HTTP_USER_AGENT} ^Baiduspider [NC,OR”
RewriteCond %{HTTP_USER_AGENT} ^Sogou
RewriteRule ^.*$ – [F”
</IfModule>

# END WordPress

[modx]

@djsteve – I found this with regards to the spiders and href ones

Blocking parasite

I hope I’m on the right track though.

Anyway I hope some other members of the forum can give their insights too.

[modx]

@djsteveb – Hi thanks for the info! So does this mean this has nothing to do with BuddyPress at all?

Some posts are being posted with a user ID=0, even though registration is disabled already. Below is from the first 5

log_id log_type log_function log_priority log_date log_date_gmt log_host log_username log_user log_url log_referrer log_data
1 brute_force Invalid Login Attempt 5 2015-07-16 10:13:39 2015-07-16 10:13:39 23.250.34.71 rogeliomackie 0 a:0:{}
2 brute_force Invalid Login Attempt 5 2015-07-16 10:16:56 2015-07-16 10:16:56 172.85.106.118 rogeliomackie 0 a:0:{}
3 brute_force Invalid Login Attempt 5 2015-07-16 10:19:25 2015-07-16 10:19:25 172.85.103.167 rogeliomackie 0 a:0:{}
4 brute_force Invalid Login Attempt 5 2015-07-16 10:23:32 2015-07-16 10:23:32 45.59.26.85 rogeliomackie 0 a:0:{}
5 brute_force Invalid Login Attempt 5 2015-07-16 10:24:18 2015-07-16 10:24:18 50.118.159.10 rogeliomackie 0 a:0:{}

[modx]

Here’s a screenshot. As you can see it is around 1K already