Block wp-login.php and xmlrpc.php via fail2ban on RunCloud


How to ban IP addresses that are brute forcing your wp-login.php and xmlrpc.php on a WordPress install with fail2ban on a RunCloud server. Email yourself any IP addresses banned by fail2ban.

Add a WordPress fail2ban filter

Create a wordpress.conf file in /etc/fail2ban/filter.d/

    [Definition]
    failregex = ^<HOST> .* "POST .*wp-login.php
                ^<HOST> .* "POST .*xmlrpc.php
    ignoreregex =

If you…


Block xmlrpc.php and wp-login.php via NGINX


You can block xmlrpc.php and wp-login.php via NGINX with the configurations below. The advantage of this approach is that it prevents brute force attacks at the NGINX server level without any PHP/MySQL resources being used.

xmlrpc.php for NGINX

    location = /xmlrpc.php {
        deny all;
    }

To allow Jetpack's IP addresses through, adjust the config to…


Temporarily Turn off Modsec filtering


You can temporarily turn off Modsec filtering by adding a rule to your .htaccess file. This can be helpful if you are triggering a number of rules that are false positives, or if you are unable to get the rules whitelisted while you do your development.

Add into .htaccess

    <IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST…
