User Tools

Site Tools


vesta:csf-block-wp-attack

CSF block WP brute-force

First install CSF as described here: https://wiki.balinskis.lt/csf

Add to crontab:

#security
*/15 * * * * /bin/egrep -h "POST.*wp-login.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" wp-login abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1
*/15 * * * * /bin/egrep -h "POST.*xmlrpc.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" xmlrpc abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1
vesta/csf-block-wp-attack.txt · Last modified: 2020/11/05 22:56 by dreiggy