====== DirectAdmin httpd wp-login.php security ======
Requirements:
yum install GeoIP GeoIP-devel GeoIP-update -y
Compile mod_geoip from here: https://github.com/maxmind/geoip-api-mod_geoip2
wget --no-check-certificate -O /tmp/mod_geoip.c https://raw.githubusercontent.com/maxmind/geoip-api-mod_geoip2/master/mod_geoip.c
apxs -i -a -L/usr/local/lib -I/usr/local/include -lGeoIP -c /tmp/mod_geoip.c
rm -f /tmp/mod_geoip.c
Move module include from httpd.conf to /etc/httpd/conf/extra/httpd-includes.conf, because custombuild will overwrite it.
Create password file:
htpasswd -c /var/www/html/.htpasswd user
Create file: /etc/httpd/conf/extra/geoip-wp-admin.conf
#WP-SECURITY
#whitelist country
SetEnvIf GEOIP_COUNTRY_CODE LT AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE LV AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE EE AllowCountry
AuthName "Prove You are not bot. Please enter User: a / Password: a"
AuthType Basic
AuthUserFile /var/www/html/.htpasswd
AuthGroupFile /dev/null
Satisfy any
Deny from all
Allow from env=AllowCountry
require valid-user
Edit file and add: /etc/httpd/conf/extra/httpd-includes.conf
#geoip module load
LoadModule geoip_module /usr/lib/apache/mod_geoip.so
Include /etc/httpd/conf/extra/geoip-wp-admin.conf
====== Easy way ======
Just put in httpd-includes.conf
AuthType basic
AuthName "Wordpress Security: Use the following credentials."
AuthBasicProvider file
AuthUserFile /etc/httpd/conf/wordpress.passwd
Require valid-user
ErrorDocument 401 default
ADDITIONAL LINKS:
* https://github.com/maxmind/geoip-api-mod_geoip2
* https://serverfault.com/questions/567113/apache-2-2-and-http-auth-by-country-with-mod-geoip
* https://www.howtoforge.com/nginx-how-to-block-visitors-by-country-with-the-geoip-module-debian-ubuntu