Saturday, May 21, 2022
Cpanel/WHM Wordpress

wp-login kena brute force — modsec

Ketika wp-login kena brute force :

SecRule REQUEST_URI “wp-login.php
# This has to be global, cannot exist within a directory or location clause . . .
SecAction phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR},initcol:user=%{REMOTE_ADDR}

# Setup brute force detection.
# React if block flag has been set.
SecRule user:bf_block “@gt 0” “deny,status:401,log,msg:’ip address blocked for 5 minutes, more than 15 login attempts in 3 minutes.’”
# Setup Tracking. On a successful login, a 302 redirect is performed, a 200 indicates login failed.
SecRule RESPONSE_STATUS “^302” “phase:5,t:none,nolog,pass,setvar:ip.bf_counter=0”
SecRule RESPONSE_STATUS “^200” “phase:5,chain,t:none,nolog,pass,setvar:ip.bf_counter=+1,deprecatevar:ip.bf_counter=1/180”

(Visited 4 times, 1 visits today)
Klik untuk berbagi dengan orang lain
Baca Juga :  Cara custome php.ini di php-selector (cagefs) cpanel

Similar Posts