Is your OpenCart admin panel being DDoS attacked?

Posted by Joe on January 25, 2022

We have recently seen a surge of what appear to be brute-force attacks from all over the world, targeting any and every website they can - including OpenCart sites. The first symptoms are a sudden huge drop in website speed in both the storefront and admin panel, as well as pages failing to load entirely with errors such as connection timed out and max_user_connections exceeded.

The key sign that your website is affected by this particular attack is in your server access log. Here's an example from one website which was targeted by this attack:

18.130.230.142 - - [24/Jan/2022:09:31:44 +0000] "POST /admin/ HTTP/1.1" 200 1629 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.77.98.144 - - [24/Jan/2022:09:31:45 +0000] "POST /admin/ HTTP/1.1" 200 1627 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.96.133.239 - - [24/Jan/2022:09:31:44 +0000] "POST /admin/ HTTP/1.1" 200 1628 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.198.190.2 - - [24/Jan/2022:09:31:45 +0000] "POST /admin/ HTTP/1.1" 200 1629 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.83.49.191 - - [24/Jan/2022:09:31:45 +0000] "POST /admin/ HTTP/1.1" 200 1626 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.25.52.200 - - [24/Jan/2022:09:31:45 +0000] "POST /admin/ HTTP/1.1" 200 1629 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.157.212.69 - - [24/Jan/2022:09:31:45 +0000] "POST /admin/ HTTP/1.1" 200 1628 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 15.228.78.166 - - [24/Jan/2022:09:31:45 +0000] "POST /admin/ HTTP/1.1" 200 1626 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.13.59.17 - - [24/Jan/2022:09:31:45 +0000] "POST /admin/ HTTP/1.1" 200 1628 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.124.117.161 - - [24/Jan/2022:09:31:45 +0000] "POST /admin/ HTTP/1.1" 200 1630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

Heaps of requests to the /admin/ page every second! This is only a ten-line sample of an enormous 700,000-line-long access log for that day alone. That's a lot of unfriendly traffic!

The data sent in these requests almost universally contains a username of admin and a very simple password - usually a word or name and maybe one or two numbers - indicating this is actually a form of dictionary attack, where bots will send hundreds of login attempts to a server, trying out a huge list of common passwords one-by-one in an attempt to find one that will let them break into your admin panel (this is also why it's important to use a strong password that's hard for bots to guess!).

Luckily, we at Antropy have developed a handy extension that will stop these nasty bots in their tracks. To help as many in the OpenCart community as possible to secure their sites, we have made it available for free download on the OpenCart Marketplace.

Download the Antropy Admin Panel Brute Force Block extension

If you would like us to install this extension on your site for you, send us an email at info@antropy.co.uk and we will be happy to help. If your website is hosted on our servers we can put additional measures in place to further keep these spammers at bay and ensure your website's in top shape for your customers.

blog comments powered by Disqus

Testimonials

Firstly, thanks ever so much to you and your team for getting these two sites up and running. It’s a pleasure to work with people who are so helpful and responsive to our requirements. We’re very happy with both sites and all seems to be working fine.

Aidan, Nauticalia

The deliveries are now incredibly clear and there is no more admin work on this side which is excellent. It’s amazing really and I think our customers enjoy knowing exactly when they are getting it unlike nearly every other furniture company out there! Thanks for this.

Jonathan Haskins, Get Laid Beds

Just wanted to say a big thank you for all your help and support thus far. You've been absolutely brilliant. You've given me absolute confidence that when there is a problem it is sorted which really gives me peace of mind.

Tracy, FLUX

Very impressed with the quick service! There is nothing more we need help with right now but we would certainly use you in the future for other issues or alterations we may have. Thank you very much!

Jemma, Aquafayre

Excellent work, delivered in a friendly and consultative way throughout the whole process. For a small company such as my own it was great to be guided through the process, and all my requests were responded to and I felt involved from start to finish.

Phil Saville, Rook Systems

Good to work with, very straight forward

Grant Berry, Home World

Excellent company with outstanding knowledge of opencart and how to get the best from it. If you are looking for a reliable and professional company to work with I wouldn't hesitate to recommend these guys.

Ashley Morrison, Lockertek

We recently started using Antropy for our OpenCart website as internal IT is swamped and we needed back up and they have been great. Work is quick and efficient, we never need to ask for something twice and communication is good. Gives us confidence that when we need something to be done, it will be and to a high standard.

Dominic Old, The Wasabi Company

Thank you all for the hard work, it has paid off, it looks good. The logo is great to promote the practice and the website we can be proud of. Thank you again.

Biddy Arnott, Group Analytic Practice Ltd

Thanks again for all your hard work on the 3D renders … the results have been fantastic and I look forward to working together again in the future.

Kim, Kimberley-Jane: Design

We found Antropy to be very responsive and approachable to work with. They gladly took our own designs and transformed them into an easy-to-manage website. Communication was easy and any requests for change were promptly done. Many thanks for the work!

John Caiger, Matraxis

Merged two previously HUGE separate sites (website and webstore) into one streamlined website with integrated store, with improved social media and mailing list results. Joe helped communicate complicated jargon into simpler terms, solved issues/queries quickly, and the follow up support has been invaluable.

Jo, Cold Spring Records

Antropy not only gave freely of their time to talk with me, they had the patience to teach me as we went along. They came up with various ideas that allowed me to choose what I liked best and with their guidance we got exactly the website we dreamed about.

David, RC Geeks

Always helpful and extremely responsive to any request and once the project has been rolled out they continue to assist you with great help and advice to make the most of your website

Jamie Chandler, Newvotek

After many years of trying to update my website, dealing with problematic code, delays, etc, I found Antropy about 10 years ago. I can not say enough great things about the quality of their coding and stability of my website along with the professionalism of their staff. I now have a well functioning website that has stood the test of time. Our site is an e-commerce site so that having it up and running is crucial to our business. On the rare occasion that there is a problem with the site, Antropy's team is quick and responsive to finding the problem and fixing it quickly.

Lynn Reznick, Off The Mark

We are really delighted with the finished product, it has far exceeded our expectations... Many thanks again for your support and setting up what I feel is the best Alzheimer's website in the country.

Lynne, MK Alzheimer's

We worked with Antropy on our new webshop at kikgoes.nl in the past months. We have enjoyed working with them because of their extensive knowledge of Opencart and the rapid pace of development. We regularly added requirements to the projects and we've never had anything that couldn't be done. We look forward to working with Antropy again for new projects or adjustments to our webshop!

Joël van Daalen, Kik Cycleparts

Taken on both smaller and large projects to a very high standard. Delivered on time, with a professional level of service. Always better than we envisioned. Staff are always ready to help with any issues we have. Really pleased with the results of Antropy, and hopefully we can do more business together in the future!

Josh, Toyland Toyshop

Wow, I am speechless. Thank you so much, this is perfect !!!! Thank you, thank you !!!

Marios Pantelli, Sewing Machine Company

Thanks for your hard work, it's very much appreciated.

Colin Farndale, CJF Motorcycles

Is your OpenCart admin panel being DDoS attacked?

Testimonials

Services

About

Contact

Social