Getting Attacked on my home server

[technicalnetwork]

Hi All.

I've just come home and logged in, found there had been 2000+ server failed log in attempts.

Within a space of a few seconds of logging out and back in I found that there was 37 attempts.

How do I find out who or what is doing this? I have powered my centos off for Now.

centos 7.

[apinto]

2000+ attempts seems like brute force...
Considering your previous issue reported, the attack can be the source of the problem.

The wordpress theme you are using was bought from a safe source?

Anyways I do not believe that these forums are the place for you to get help on this issue.
Be happy that they are just login attempts, it means they did not got in yet

[technicalnetwork]

You sir are a legend

I do believe I got my wordpress theme from a dodgy source you're right - it's that and possibly the cause of my hanging issues causing also dns problems etc etc

Actually my root password is pretty simple, their brute force thing isn't working - also going to install fail2ban etc.

I am currently backing up all my system, installing Ubuntu 14 on it dedicated so not Virtual, installing Sentora and see if still have this issue.

I really want to host from home for now, get some funding through then rent out some proper servers or invest in a leased internet line and more servers.

Thanks all for your help.

[apinto]

WordPress is safe, the issue is that there is many themes and plugins with bad code, sometimes intentionally bad.

Even considering they are trying to login to Sentora, the theme could have tipped them about the server domain/IP.

Also, your domain and DNS entries are public, there's nothing you can do to stop them.from trying.

Installing a too firewall is also a good move (there's a good tutorial to install CRF on the how to section).

Good lick and have fun!

[Active8]

Install CSF Firewall and install Wordfence plugin in your Worpress
Change your SSH port and never use nulled templates from bogus websites