Differences
This shows you the differences between two versions of the page.
| |
vesta:csf-block-wp-attack [2020/11/05 22:55] – created dreiggy | vesta:csf-block-wp-attack [2020/11/05 22:56] (current) – dreiggy |
---|
| |
Add to crontab: | Add to crontab: |
[code bash] | <code bash> |
#security | #security |
*/15 * * * * /bin/egrep -h "POST.*wp-login.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" wp-login abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1 | */15 * * * * /bin/egrep -h "POST.*wp-login.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" wp-login abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1 |
*/15 * * * * /bin/egrep -h "POST.*xmlrpc.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" xmlrpc abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1 | */15 * * * * /bin/egrep -h "POST.*xmlrpc.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" xmlrpc abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1 |
[/code] | </code> |