1

I have a small VPS with a couple of websites and scripts running on it. One of them is made with WordPress.

Looking at the logs, there is a brute-force attempt running. I'm trying to block the IP addresses, but basically after ~20 requests the IP changes (and there are a few concurrently accessing my website).

This stupid script kiddie has put some badly coded script to work which doesn't care if there is no wp-login page to access. Since this is a bit annoying, I wanted to know if there was a way to block all the IP addresses (possibly via iptables) accessing the /wp-login.php webpage - best if with iptables.

Thanks

1 Answer

0

This problem is discussed on the WordPress article Brute Force Attacks.

In the article are several solutions that involve iptables, but they are mostly oriented toward identifying attack requests and replying that the resource does not exist, which is already your case.

The article also points to lists of WordPress plugins that help mitigate such attacks, where some include blocking attacking IP addresses.

Perhaps the most interesting is BruteGuard, described as:

guards you against botnets by connecting its users to track failed login attempts across all WordPress installations that use the plugin. Once you activate BruteGuard you become part of a inter-connected protection layer against botnet attacks.

With this plugin you then take part in a network of WordPress sites that share attacking IPs.
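For the iptables route the question asks about, the following is an added example, not part of the original question or answer: it pulls the clients requesting /wp-login.php out of an access log and builds ipset/iptables commands, using one set so that rotating source addresses do not each need their own rule. It assumes combined-format access logs and IPv4; the set name, threshold, timeout and sample log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Combined log format: client address first, request line in double quotes.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+)')

def wp_login_offenders(lines, threshold=3, allow=()):
    """Return sorted IPv4 clients with >= threshold requests for /wp-login.php."""
    allowed = {ipaddress.IPv4Address(a) for a in allow}
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        # Compare the path only, so /wp-login.php?action=... also counts.
        if not m or m.group(2).split("?", 1)[0] != "/wp-login.php":
            continue
        try:
            # Parsing rejects hostnames and junk before it reaches a command.
            ip = ipaddress.IPv4Address(m.group(1))
        except ValueError:
            continue  # IPv6 needs a separate inet6 set and ip6tables
        if ip not in allowed:
            hits[ip] += 1
    return sorted(ip for ip, n in hits.items() if n >= threshold)

def block_commands(ips, set_name="wp_login_block", timeout=86400):
    """Build ipset/iptables command lines for review; nothing is executed."""
    cmds = [f"ipset create {set_name} hash:ip timeout {timeout} -exist"]
    cmds += [f"ipset add {set_name} {ip} -exist" for ip in ips]
    cmds.append(f"iptables -I INPUT -p tcp -m multiport --dports 80,443 "
                f"-m set --match-set {set_name} src -j DROP")
    return cmds

def _line(ip, request):
    # Constructed sample entry; addresses come from documentation ranges.
    return f'{ip} - - [10/Oct/2024:13:55:01 +0000] "{request} HTTP/1.1" 404 162 "-" "-"'

SAMPLE = (
    [_line("203.0.113.7", "POST /wp-login.php")] * 2
    + [_line("203.0.113.7", "GET /wp-login.php?action=register")]
    + [_line("203.0.113.7", "GET /")]
    + [_line("198.51.100.9", "POST /wp-login.php")]
    + [_line("192.0.2.10", "POST /wp-login.php")] * 3  # the admin's own address
    + ["not a log line"]
)

if __name__ == "__main__":
    for cmd in block_commands(wp_login_offenders(SAMPLE, allow=["192.0.2.10"])):
        print(cmd)
```

The iptables line only needs to be run once; later runs just add addresses to the set, and entries expire after the timeout.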
