# Rate-limit the login endpoint so credential guessing is slowed down.
# "zone=one" has to be declared with limit_req_zone in the http{} context
# and "php" has to be a defined upstream; neither appears in this snippet.
location = /wp-login.php {
    limit_req zone=one burst=1 nodelay;
    include fastcgi_params;
    fastcgi_pass php;
}
# Refuse wp-config.txt (a leftover copy of wp-config.php would expose
# database credentials) and keep the probes out of the logs.
location = /wp-config.txt {
    deny all;
    access_log off;
    log_not_found off;
}
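# Never execute PHP from the uploads directory.
# "^~" is required: a plain prefix location is only a candidate, and any
# top-level "location ~ \.php$" (the usual PHP handler) would win for
# /wp-content/uploads/x.php and pass the file to PHP, bypassing the nested
# deny. With "^~" nginx stops at this prefix and only the nested regex
# location below is consulted.
location ^~ /wp-content/uploads/ {
    location ~ \.php$ {
        # Prevent direct access of PHP files from web browsers
        deny all;
    }
}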
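# Yoast SEO sitemap rewrites (wp | wpsubdir | wpsubdomain layouts).
location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
    rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
    rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
    rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last;
    rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
    # Optional rules, only needed for the WordPress SEO news/local/video add-ons.
    rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
    rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
    rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
    access_log off;
}
# /locations.kml contains neither "sitemap" nor an .xml/.xsl suffix, so it
# never matched the regex location above and its rewrite was unreachable
# there; it gets its own exact-match location.
location = /locations.kml {
    rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
    access_log off;
}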
Protecting the file or folder with a password is a good way to stop malicious login attempts. When I view the log file for my WordPress site, there are so many records showing bots trying to hit my wp-login.php. Is there a way to secure wp-login.php? I would appreciate any opinions on this.
Nice code, but if I am using a different OS, is there a way to do it with a plugin or a simpler way? If you are using Nginx, here are the settings for WordPress:
Code:# Limit access to avoid brute force attack location = /wp-login.php { limit_req zone=one burst=1 nodelay; include fastcgi_params; fastcgi_pass php; } # Disable wp-config.txt location = /wp-config.txt { deny all; access_log off; log_not_found off; } # Disallow php in upload folder location /wp-content/uploads/ { location ~ \.php$ { #Prevent Direct Access Of PHP Files From Web Browsers deny all; } } # Yoast sitemap location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ { rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent; rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last; # Rules for yoast sitemap with wp|wpsubdir|wpsubdomain rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last; rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last; # Following lines are options. Needed for WordPress seo addons rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last; rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last; rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last; rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last; access_log off; }
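# Restrict wp-login.php to one trusted source address (Apache 2.2 syntax;
# on 2.4 without mod_access_compat use "Require ip myy.ipp.add.res").
# The original used "Order allow,deny" together with "Deny from all": under
# allow,deny a request that matches both lists is denied, so the trusted
# address was locked out as well. With "Order deny,allow" the Deny list is
# applied first and the Allow list then re-admits the trusted address.
<Files "wp-login.php">
    Order deny,allow
    Deny from all
    Allow from myy.ipp.add.res
</Files>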
# Initialise per-client persistent collections keyed by the source address;
# both "ip" and "user" are keyed by REMOTE_ADDR here, so they track the same client.
SecAction phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR},initcol:user=%{REMOTE_ADDR},id:1
<Location /wp-login.php>
# Refuse the request while the client is under a block (user.bf_block is set by the last rule).
SecRule user:bf_block "@gt 0" "deny,status:401,log,msg:'ip address blocked for 5 minutes, more than 15 login attempts in 3 minutes.',id:2"
# A 302 from wp-login.php is taken as a successful login: reset the counter.
SecRule RESPONSE_STATUS "^302" "phase:5,t:none,log,pass,setvar:ip.bf_counter=0,id:3"
# A 200 is taken as a failed attempt: count it; the counter decays by 1 every 180 s.
# NOTE(review): this keys on the status only, not on the request method, so any
# response that returns the login form with 200 (e.g. a plain page view) is
# presumably counted too - confirm whether the chain should also require a POST.
SecRule RESPONSE_STATUS "^200" "phase:5,chain,t:none,log,pass,setvar:ip.bf_counter=+1,deprecatevar:ip.bf_counter=1/180,id:4"
# Chained with the rule above: after more than 15 counted attempts, block the
# client for 300 s and reset the counter.
SecRule ip:bf_counter "@gt 15" "t:none,setvar:user.bf_block=1,expirevar:user.bf_block=300,setvar:ip.bf_counter=0"
</location>
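# Storage for the persistent collections used below (the original line read
# "ecDataDir", which is not a directive). /tmp is shared and world-writable;
# a directory owned by the web server user is preferable.
SecDataDir /tmp
# Response bodies must be readable to detect XML-RPC fault responses.
SecResponseBodyAccess On
SecResponseBodyLimitAction ProcessPartial
SecResponseBodyMimeType text/xml
# SecStreamInBodyInspection requires ModSecurity 2.6.0 or greater
SecStreamInBodyInspection On
SecAction "phase:1,nolog,pass,id:19300,\
initcol:ip=%{REMOTE_ADDR}"
<FilesMatch "xmlrpc.php">
# Each XML-RPC fault response counts as one failure for the client;
# the counter decays by one every 300 s.
SecRule RESPONSE_BODY "faultString" "id:19301,nolog,phase:4,\
t:none,t:urlDecode,setvar:ip.xmlrpc_bf_counter=+1,\
deprecatevar:ip.xmlrpc_bf_counter=1/300,pass"
# Reject further wp.* method calls from a client with more than 4 recent
# failures. The chained rule's closing quote was missing in the original,
# leaving the action list unterminated.
SecRule STREAM_INPUT_BODY "<methodCall>wp\." "id:19302,log,chain,\
deny,status:406,phase:4,t:none,t:urlDecode,\
msg:'Temporary block due to multiple XML-RPC method call failures'"
SecRule ip:xmlrpc_bf_counter "@gt 4" "t:none,t:urlDecode,\
t:removeWhitespace"
</FilesMatch>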
106.75.85.203
96.10.116.230
155.133.82.12
95.39.39.126
195.154.250.118
195.154.250.248
108.175.2.210
91.102.224.83
91.200.12.53
195.154.250.216
182.255.0.60
37.59.110.98
2.50.32.153
195.154.241.166
62.210.188.86
199.15.233.168
199.15.233.162
114.108.150.159
61.19.112.28
197.253.1.252
94.23.250.199
195.154.226.186
173.208.157.186
185.13.224.189
43.228.128.187
103.215.83.39
199.15.233.170
91.197.232.109
130.211.177.25
199.15.233.147
46.4.133.5
14.1.30.27
74.208.86.223
51.254.215.108
138.197.124.33
195.154.183.190
62.210.88.4
125.209.122.46
84.255.248.64
196.3.88.149
93.186.254.98
104.131.228.134
149.156.173.214
195.154.232.138
177.220.137.198
195.154.178.53
91.200.12.103
186.208.1.235
156.67.106.211
137.74.20.93
176.31.106.171
80.122.108.46
51.15.138.215
199.15.233.142
47.90.55.236
61.41.4.26
181.39.89.146
203.154.220.132
124.124.214.44
181.143.230.53
91.200.12.15
217.70.32.3