Back to website Login
There was a problem loading the comments.

WordPress Brute Force wp-admin Attacks - What to Look For

Support Portal  »  Knowledgebase  »  Viewing Article
  Print
8Dweb wants to share some tips to website owners to help YOU find and mitigate brute-force attacks on your WordPress admin login.

  • Be SURE to view your error and transfer logs for your site through the SiteWorx Control Panel
  • Look for wp-login.php in the access log, usually in groups of a handful of attempts, often from different but similar IPs. Keep in mind your IP will have wp-login.php entries - don't block that. To check your IP you can use http://fetchip.com
  • Remove your admin user - rename it to something LONG. Reset your admin password.
  • Change your database prefix
  • Install and configure Better WP Security - OR purchase our WordPress Security Package and we will do ALL of this for you.
  • Add this code to your .htaccess file in the ROOT of your site or in the wp-admin folder, change ?.example.com to YOUR domain - such as ?.8Dweb.com in the 5th line below. We have reports that the attack has been modified to overcome this now...:
  • RewriteEngine on
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{HTTP_REFERER} !^http://(.*)?.example.com [NC]
RewriteCond %{REQUEST_URI} ^/wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^/wp-admin$
RewriteRule ^(.*)$ - [R=403,L]
Share via

Related Articles

Categories

Tags

© 8Dweb LLC