User Tools

Site Tools


vesta:csf-block-wp-attack

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

vesta:csf-block-wp-attack [2020/11/05 22:55]
dreiggy created
vesta:csf-block-wp-attack [2020/11/05 22:56] (current)
dreiggy
Line 4: Line 4:
  
 Add to crontab: Add to crontab:
-[code bash]+<code bash>
 #security #security
 */15 * * * * /bin/egrep -h "POST.*wp-login.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" wp-login abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1 */15 * * * * /bin/egrep -h "POST.*wp-login.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" wp-login abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1
 */15 * * * * /bin/egrep -h "POST.*xmlrpc.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" xmlrpc abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1 */15 * * * * /bin/egrep -h "POST.*xmlrpc.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" xmlrpc abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1
-[/code]+</code>
vesta/csf-block-wp-attack.txt ยท Last modified: 2020/11/05 22:56 by dreiggy