MyWiki

User Tools

Site Tools

Trace:
vesta:csf-block-wp-attack

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

vesta:csf-block-wp-attack [2020/11/05 22:55] – created dreiggyvesta:csf-block-wp-attack [2020/11/05 22:56] (current) dreiggy
Line 4: Line 4:
  
 Add to crontab: Add to crontab:
-[code bash]+<code bash>
 #security #security
 */15 * * * * /bin/egrep -h "POST.*wp-login.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" wp-login abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1 */15 * * * * /bin/egrep -h "POST.*wp-login.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" wp-login abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1
 */15 * * * * /bin/egrep -h "POST.*xmlrpc.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" xmlrpc abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1 */15 * * * * /bin/egrep -h "POST.*xmlrpc.php.*200" /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print "/usr/sbin/csf -d "$2" xmlrpc abuser"}' | /bin/sh >> /var/log/wp-sec.log 2>&1
-[/code]+</code>
vesta/csf-block-wp-attack.txt · Last modified: 2020/11/05 22:56 by dreiggy
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki