vesta:csf-block-wp-attack
This is an old revision of the document!
CSF block WP brute-force
First install CSF as described here: https://wiki.balinskis.lt/csf
Add to crontab: [code bash] #security */15 * * * * /bin/egrep -h “POST.*wp-login.php.*200” /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print “/usr/sbin/csf -d “$2” wp-login abuser”}' | /bin/sh » /var/log/wp-sec.log 2>&1 */15 * * * * /bin/egrep -h “POST.*xmlrpc.php.*200” /var/log/httpd/domains/*.log | /bin/awk '{print $1}' | /bin/sort | /usr/bin/uniq -c | /bin/awk '$1>=5{print “/usr/sbin/csf -d “$2” xmlrpc abuser”}' | /bin/sh » /var/log/wp-sec.log 2>&1 [/code]
vesta/csf-block-wp-attack.1604609722.txt.gz · Last modified: 2020/11/05 22:55 by dreiggy