Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Noble

Block brute-force attack on Wordpress

Recommended Posts

Admin

Hi,

For those who have a server that running with CSF, this is how to block WordPress login attack.

/usr/local/csf/bin/regex.custom.pm

if (($globlogs{CUSTOM4_LOG}{$lgfile}) and ($line =~ /(\S+).*] "POST \/wp-login\.php.*" 200/)) {
    return ("Failed Wordpress login from",$1,"wordpress","5","80,443","3600");
}

You can replace 3600 with 1 if want to block IP permanently.

/etc/csf/csf.conf

 

CUSTOM4_LOG = "/var/log/apache2/domlogs/*/*"

The load on the server will not high. Mine load only load average: 9.78, 10.68, 10.16.

You can check this using tail -f /var/log/lfd.log

Cheers!


tpbanner.jpg

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.