Block WordPress Attack with CSF

Edit /etc/csf/regex.custom.pm and add: Code: Select all # wordpress if (($globlogs{CUSTOM4_LOG}{$lgfile}) and ($line =~ /(\S+).*] “POST \/wp-login\.php.*” 200/)) { return (“Failed WordPress login from”,$1,”wordpress”,”20″,”80,443″,”3600″); } Then update /etc/csf/csf.conf and change CUSTOM4_LOG to scan your web server access logs. (If they aren’t doing so already). Eg. for Plesk: /var/www/vhosts/system/*/logs/access_log That rule will block brute force attacks […]