Brute Force Protect untuk wordpress di cPanel


Status
Not open for further replies.
Bestariweb Hosting

Bestariweb Hosting

Hosting Guru
The Warrior
Verified Provider
hendranata said:
mending pake plugin wp untk hide wp-admin nya.
Click to expand...
Kalo masalah plugin ini urusan user cpanel masing-masing..
yang sy maksud, untuk WHM secara global. jadi walaupun user awam yg belum faham security di wordpress juga akan terbantu. Dan ujung-ujungnya biar kita sebagai hoster juga gak kerepotan dgn High loading yang penyebabnya sepele hanya karena bruteforce.
 
Bestariweb Hosting

Bestariweb Hosting

Hosting Guru
The Warrior
Verified Provider
barusan sy coba pake mod_security untuk bruteforce wp-login.
Hasilnya di CSf seperti ini:


Code: 
Time:     Thu Mar  2 09:59:56 2017 +0000
IP:       141.101.80.217 (SE/Sweden/-)
Failures: 5 (mod_security)
Interval: 3600 seconds
Blocked:  Permanent Block

Log entries:

[Thu Mar 02 09:59:09.896215 2017] [:error] [pid 17564:tid 140197958166272] [client 141.101.80.217] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at USER:bf_block. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "6"] [id "5000135"] [msg "ip address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "[URL='http://www.rentalmobil-alphard-vellfire.com']www.rentalmobil-alphard-vellfire.com[/URL]"] [uri "/wp-login.php"] [unique_id "WLfs7bAch@ZEp4QMJsRK5wAAAFc"]
[Thu Mar 02 09:59:20.552135 2017] [:error] [pid 17653:tid 140198050486016] [client 141.101.80.217] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at USER:bf_block. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "6"] [id "5000135"] [msg "ip address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "[URL='http://www.rentalmobil-alphard-vellfire.com']www.rentalmobil-alphard-vellfire.com[/URL]"] [uri "/wp-login.php"] [unique_id "WLfs@OIniGceRgMOVwAv1gAAAAw"]
[Thu Mar 02 09:59:33.754632 2017] [:error] [pid 24171:tid 140198067271424] [client 141.101.80.217] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at USER:bf_block. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "6"] [id "5000135"] [msg "ip address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "[URL='http://www.rentalmobil-alphard-vellfire.com']www.rentalmobil-alphard-vellfire.com[/URL]"] [uri "/wp-login.php"] [unique_id "WLftBRzuNpZKjkKW6po9qQAAAUo"]
[Thu Mar 02 09:59:44.649594 2017] [:error] [pid 17571:tid 140198000129792] [client 141.101.80.217] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at USER:bf_block. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "6"] [id "5000135"] [msg "ip address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "[URL='http://www.rentalmobil-alphard-vellfire.com']www.rentalmobil-alphard-vellfire.com[/URL]"] [uri "/wp-login.php"] [unique_id "WLftECTohYBFG9a-HCXWAgAAAJI"]
[Thu Mar 02 09:59:52.600830 2017] [:error] [pid 24171:tid 140198000129792] [client 141.101.80.217] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at USER:bf_block. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "6"] [id "5000135"] [msg "ip address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "[URL='http://www.rentalmobil-alphard-vellfire.com']www.rentalmobil-alphard-vellfire.com[/URL]"] [uri "/wp-login.php"] [unique_id "WLftGBzuNpZKjkKW6po9rAAAAVI"]

Apakah ini berhasil ?
 
idnix

idnix

Hosting Guru
Verified Provider
iya itu udah blocked
 
Status
Not open for further replies.

Top