ConfigServer Community Forum

hello all - (newbie first time posting)

i have noticed my log files are filling up with wp-login.php attacks. my wordpress site itself is secured with a 2 second login-delay along with two separate captchas (yes its overkill but it helps me sleep at night)

however, there are thousands and thousands of attacks, most taking place between 4 and 6am (eastern standard time).

my problem is that one wants to open a new cgi-bin process in memory. i have a bash script that runs every minute and counts the cgi-bin processes, and once it exceeds 30 the script restarts apache. not much of a solution, but it keeps the server up.

my question (finally): can CSF do anything to prevent the excessive calls to wp-login.php ? maybe something to block an IP if the request comes in more than one every 5 seconds?

CSF seems to be so powerful i am guessing there is a setting somewhere to do just this.

Hi
I use 2 methods together for this problem, a wordpress plugin called limit-login-attempts and a htaccess file setup to stop any login attempt that is not refered from a hidden link page on the site, this stops scripts from direct accessing the login page.
CSF is not used, wordpress is attacked so often it would fill my firewall IP ban list to capacity.

thank you hostmart -- i have used a couple of those, but i had really hoped that CSF had some way to limit an IP from trying to log in too frequently.

limit-login-attempts does not work very well in the multisite mode (or at least i was unable to get it working). limit-login-lockdown seemed to work better, but there is a question how well it is supported since there has been no recent activity.

another person suggested this new plugin:
wordpress dot org/plugins/rename-wp-login/ for renaming the wp-login.php file. i suspect this will solve the problem altogether, but i still wish CSF had some way to deal with this situation.

another awesome plugin is login-delay, where you can set a one or two second (or more) login delay.