Hello, I am new to ConfigServer. My DirectAdmin reports many Wordpress login attacks (threshold > 50), but ConfigServer Firewall seems not to block these IP numbers. How to arrange that?
Thanks, Hans
how to block wordpress login attack
Re: how to block wordpress login attack
Hi,
I suggest you use something like iThemes Security for wordpress. That will block the fake login attempts.
Also I suggest you use https://github.com/gabrieliuga/stop-xml ... attack.php to block out xmlrpc.php exploit which can cause a high server load. This could be blocked in CSF but might also make it so that it blocks legit connections afterwards.
Hope this helps.
Cheers,
Gabi
I suggest you use something like iThemes Security for wordpress. That will block the fake login attempts.
Also I suggest you use https://github.com/gabrieliuga/stop-xml ... attack.php to block out xmlrpc.php exploit which can cause a high server load. This could be blocked in CSF but might also make it so that it blocks legit connections afterwards.
Hope this helps.
Cheers,
Gabi