Brute force attack?

March 26, 20231 Views

I’m seeing this quite often:

enter image description here

No OS, same Browser, weird hostname — they’re definitely not real users. Can I do anything to take precautions before they do something?

Thanks!

Post Views: 1

2 comments

Anonymous says:

March 26, 2023 at 8:42 pm

There’s an ~~app~~ plugin for that, Limit Login Attempts.

Some more info available in this wp beginner post: http://www.wpbeginner.com/plugins/how-and-why-you-should-limit-login-attempts-in-your-wordpress/

Log in to Reply
Anonymous says:

March 26, 2023 at 8:42 pm
Since it looks as there is no referrer you could block the attempts with .htaccess.
Something like this:
```
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9} /.*/wp-login.php.* HTTP/ [NC]
RewriteCond %{HTTP_REFERER} ^-?$
RewriteRule .* - [F,NS]
```
There are different variations on that, you could even just trying using REQUEST_URI instead.
```
RewriteCond %{REQUEST_URI} wp-login.php [NC]
RewriteCond %{HTTP_REFERER} ^-?$
RewriteRule .* - [F,NS]
```
Or if you’re the only person logging into your site you could lock it down even more like so:
```
RewriteCond %{REQUEST_URI} wp-login.php [NC]
RewriteCond %{REMOTE_ADDR} !^xxx.xxx.xxx.xxx$
RewriteRule .* http://example.com [R=301,L]
```
Where xxx.xxx.xxx.xxx is your static IP Address. Can be modified to just work for Class A, B, or C if you have a dynamic IP Address.

Where example.com is your TLD. That way they’re just redirected to your home page.
Log in to Reply