Fail2ban Wordpress Runcloud

How to ban IP addresses that are brute forcing your wp-login.php and xmlrpc.php with fail2ban on a RunCloud server.   Add a WordPress fail2ban filter Create a wordpress.conf file in /etc/fail2ban/filter.d/ [Definition] failregex = ^<HOST> .* “POST .*wp-login.php ^<HOST> .* “POST .*xmlrpc.php ignoreregex = If you just want to ban only one of them just…

Read More
Force SSH Password

This is the command to force a SSH password between a client and server, you may have passwordless connection set up with SSH keys but want to check that a password is correct. ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no user@1.2.3.4 Swap out user@1.2.3.4 with your connection details. Once logged in, if you want to change the…

Read More
Block Xmlrpc Wp Login Nginx

You can block xmlrpc.php and wp-login.php via NGINX with the configurations below, what’s good about this approach is that it prevents brute force attacks at the NGINX server level without any PHP/MySQL resources being used. xmlrpc.php for NGINX location = /xmlrpc.php { deny all; } To allow JetPacks IP addresses through adjust the config to…

Read More
Hostname Fqdn Ubuntu

Hostname in Ubuntu 18.04 You can find and change the hostname with the commands hostname or hostnamectl in Ubuntu 18.04, if you run the command on its own it will tell you what the current name is, example below it is racknerd-la hostnamectl root@racknerd-la:~# hostnamectl Static hostname: racknerd-la Icon name: computer-vm Chassis: vm Machine ID:…

Read More
Turn Off Modsec

You can temporarily turn off Modsec filtering by adding a code snippet rule to your .htacces file, this can be helpful if you are triggering a number of rules which are false positives or you are unable to get the rules whitelisted whilst you do your development. Add into .htaccess <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST…

Read More