User Tools

Site Tools


webservers:apache-wp-login-sec

DirectAdmin httpd wp-login.php security

Requirements:

yum install GeoIP GeoIP-devel GeoIP-update -y

Compile mod_geoip from here: https://github.com/maxmind/geoip-api-mod_geoip2

wget --no-check-certificate -O /tmp/mod_geoip.c https://raw.githubusercontent.com/maxmind/geoip-api-mod_geoip2/master/mod_geoip.c
apxs -i -a -L/usr/local/lib -I/usr/local/include -lGeoIP -c /tmp/mod_geoip.c
rm -f /tmp/mod_geoip.c

Move module include from httpd.conf to /etc/httpd/conf/extra/httpd-includes.conf, because custombuild will overwrite it.

Create password file:

htpasswd -c /var/www/html/.htpasswd user

Create file: /etc/httpd/conf/extra/geoip-wp-admin.conf

#WP-SECURITY

#whitelist country
SetEnvIf GEOIP_COUNTRY_CODE LT AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE LV AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE EE AllowCountry

<Locationmatch "/wp-login.php">
    AuthName "Prove You are not bot. Please enter User: a / Password: a"
    AuthType Basic
    AuthUserFile /var/www/html/.htpasswd
    AuthGroupFile /dev/null
    Satisfy any
    Deny from all
    Allow from env=AllowCountry
    require valid-user
</Locationmatch>

Edit file and add: /etc/httpd/conf/extra/httpd-includes.conf

#geoip module load
LoadModule geoip_module /usr/lib/apache/mod_geoip.so
Include /etc/httpd/conf/extra/geoip-wp-admin.conf

Easy way

Just put in httpd-includes.conf

<Files wp-login.php>
AuthType basic
AuthName "Wordpress Security: Use the following credentials."
AuthBasicProvider file
AuthUserFile /etc/httpd/conf/wordpress.passwd
Require valid-user
ErrorDocument 401 default
</Files>

ADDITIONAL LINKS:

webservers/apache-wp-login-sec.txt · Last modified: 2018/06/04 12:07 by dreiggy