Web Hosting Ask

Web Hosting Ask > Web Hosting Main Forums > Web Hosting Insider Tutorials
 > How to block brute-force attack on Wordpress
Full Version: How to block brute-force attack on Wordpress
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.

StevenB

06-28-2021, 01:13 PM
Hi,

For those who have a server that running with CSF, this is how to block WordPress login attack.

/usr/local/csf/bin/regex.custom.pm

Code:
if (($globlogs{CUSTOM4_LOG}{$lgfile}) and ($line =~ /(\S+).*] "POST \/wp-login\.php.*" 200/)) {
    return ("Failed Wordpress login from",$1,"wordpress","5","80,443","3600");
}
You can replace 3600 with 1 if want to block IP permanently.

/etc/csf/csf.conf

Code:
CUSTOM4_LOG = "/var/log/apache2/domlogs/*/*"
The load on the server will not high. Mine load only load average: 9.78, 10.68, 10.16.

You can check this using tail -f /var/log/lfd.log

Cheers!

naba_dajani

06-29-2021, 12:09 PM
Don't forget to put your country code under CC_ALLOW to avoid your country blocks.

robinzzz

06-30-2021, 05:32 PM
(06-28-2021, 01:13 PM)StevenB Wrote: [ -> ]Hi,

For those who have a server that running with CSF, this is how to block WordPress login attack.

/usr/local/csf/bin/regex.custom.pm

Code:
if (($globlogs{CUSTOM4_LOG}{$lgfile}) and ($line =~ /(\S+).*] "POST \/wp-login\.php.*" 200/)) {
    return ("Failed Wordpress login from",$1,"wordpress","5","80,443","3600");
}
You can replace 3600 with 1 if want to block IP permanently.

/etc/csf/csf.conf

Code:
CUSTOM4_LOG = "/var/log/apache2/domlogs/*/*"
The load on the server will not high. Mine load only load average: 9.78, 10.68, 10.16.

You can check this using tail -f /var/log/lfd.log

Cheers!

Working perfectly thanks, been having so many issues with WP lately.

jeffreedhmer

07-03-2021, 02:52 PM
(06-28-2021, 01:13 PM)StevenB Wrote: [ -> ]Hi,

For those who have a server that running with CSF, this is how to block WordPress login attack.

/usr/local/csf/bin/regex.custom.pm

Code:
if (($globlogs{CUSTOM4_LOG}{$lgfile}) and ($line =~ /(\S+).*] "POST \/wp-login\.php.*" 200/)) {
    return ("Failed Wordpress login from",$1,"wordpress","5","80,443","3600");
}
You can replace 3600 with 1 if want to block IP permanently.

/etc/csf/csf.conf

Code:
CUSTOM4_LOG = "/var/log/apache2/domlogs/*/*"
The load on the server will not high. Mine load only load average: 9.78, 10.68, 10.16.

You can check this using tail -f /var/log/lfd.log

Cheers!


1. Use strong login credentials

2. Hide WordPress login page
3. Two-factor Authentication


Web Hosting Ask > Web Hosting Main Forums > Web Hosting Insider Tutorials
 > How to block brute-force attack on Wordpress