Re: Block brute force on wordpress wp-login ?
Posted: 13 Mar 2017, 06:01
cPanel with WHM on Centos 7 64bit. Latest version of CSF is running. I will check everything again and ask my hosting provider as well and let you know.
This is the correct path to my apache access log and so the entry in csf.conf is:
CUSTOM4_LOG = "/usr/local/apache2/access_log"
Have checked everything carefully and it is not trapping these events.
I have ModSecurity module installed with Vendor Tools and they are trapping these events well and adding IP's to the deny list so CSF is working well but not for these Wordpress failed logins.
.
Mar 14 07:32:58 server1 lfd[6397]: (mod_security) mod_security (id:970901) triggered by 110.147.133.59 (AU/Australia/CPE-110-147-133-59.nhl8.cht.bigpond.net.au): 10 in the last 3600 secs - *Blocked in csf* [LF_MODSEC]
Any other suggestions?
This is the correct path to my apache access log and so the entry in csf.conf is:
CUSTOM4_LOG = "/usr/local/apache2/access_log"
Have checked everything carefully and it is not trapping these events.
I have ModSecurity module installed with Vendor Tools and they are trapping these events well and adding IP's to the deny list so CSF is working well but not for these Wordpress failed logins.
.
Mar 14 07:32:58 server1 lfd[6397]: (mod_security) mod_security (id:970901) triggered by 110.147.133.59 (AU/Australia/CPE-110-147-133-59.nhl8.cht.bigpond.net.au): 10 in the last 3600 secs - *Blocked in csf* [LF_MODSEC]
Any other suggestions?