What You Have to Do if a Brute Force Attack Hits Your WordPress Sites

One of my servers had a CPU outage last week because of a script repeatedly accessing the wp-login.php file with hundreds of requests per minute.

If you run tail -f access.log, you will see the repeating requests.
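To see which clients are behind the repeating requests, the access log can be bucketed per client IP and per minute. This is an added example, not code from the original post; it assumes Apache's "combined" log format, and the function names, threshold and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Count requests to wp-login.php per client IP per minute in an Apache
# "combined" format access log read from stdin, and print every bucket
# that reaches the threshold as: <count> <ip> <dd/Mon/yyyy:hh:mm>
wp_login_bursts() {
    threshold="${1:-100}"   # default: 100 requests per minute (assumed value)
    awk -v limit="$threshold" '
        # $1 = client IP, $4 = "[dd/Mon/yyyy:hh:mm:ss", $7 = request path
        $7 ~ /(^|\/)wp-login\.php(\?|$)/ {
            minute = substr($4, 2, 17)      # drop "[" and the seconds
            hits[$1 " " minute]++
        }
        END {
            for (key in hits)
                if (hits[key] >= limit)
                    print hits[key], key
        }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample lines (documentation IP ranges), not from the real server.
sample_log() {
    cat <<'EOF'
203.0.113.7 - - [12/Mar/2015:10:01:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3456 "-" "-"
203.0.113.7 - - [12/Mar/2015:10:01:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3456 "-" "-"
203.0.113.7 - - [12/Mar/2015:10:01:03 +0000] "GET /wp-login.php?action=lostpassword HTTP/1.1" 200 2100 "-" "-"
203.0.113.7 - - [12/Mar/2015:10:01:04 +0000] "POST /blog/wp-login.php HTTP/1.1" 200 3456 "-" "-"
203.0.113.7 - - [12/Mar/2015:10:01:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3456 "-" "-"
203.0.113.7 - - [12/Mar/2015:10:01:06 +0000] "GET /index.php HTTP/1.1" 200 9000 "-" "-"
203.0.113.7 - - [12/Mar/2015:10:02:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3456 "-" "-"
198.51.100.9 - - [12/Mar/2015:10:01:10 +0000] "GET /wp-login.php HTTP/1.1" 200 2100 "-" "-"
198.51.100.9 - - [12/Mar/2015:10:01:40 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"
EOF
}

# Demo on the sample with a low threshold of 3 requests per minute.
# On a real server, feed the log instead (path is an assumption):
#   wp_login_bursts 100 < /var/log/apache2/access.log
sample_log | wp_login_bursts 3
```

The addresses it reports are the ones worth checking against the error log entries once wp-login.php is blocked.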

I will share my steps to recover from it:

The first thing to do is to block all access to wp-login.php, to stop the script from running queries that eat CPU resources.
Block wp-login.php in the Apache configuration. Add the lines below to the bottom of /etc/apache2/apache2.conf

Then restart Apache

Now all access to wp-login.php will be blocked, and tail -f error.log will show messages like:

The log above shows which site is being attacked by the bot script. Now you can set up a .htaccess file to protect wp-login.php for that site; I wrote about this a few days ago.

Once the .htaccess is set up, you can delete the wp-login.php blocking lines from apache2.conf and restart Apache.

Another way to protect your wp-login.php is to use a plugin. There are several plugins that protect wp-login.php from being attacked; one of my favorites is BruteProtect.
