Author Topic: Attacks on wp-login.php  (Read 165 times)

Offline needsomehelp

  • Comodo Loves me
  • ****
  • Posts: 106
Attacks on wp-login.php
« on: August 15, 2018, 07:55:50 AM »
Hi since the latest update i am getting attacks on wp-login.php anything i can do to stop this.

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 178
Re: Attacks on wp-login.php
« Reply #1 on: August 15, 2018, 12:07:03 PM »
Hi needsomehelp.
Please provide information about your web server, hosting panel, modsecurity, CWAF plugin and CWAF rules versions.
You can enable Bruteforce protection which disabled by default.

Offline needsomehelp

  • Comodo Loves me
  • ****
  • Posts: 106
Re: Attacks on wp-login.php
« Reply #2 on: August 15, 2018, 02:09:16 PM »
Hi needsomehelp.
Please provide information about your web server, hosting panel, modsecurity, CWAF plugin and CWAF rules versions.
You can enable Bruteforce protection which disabled by default.

Capenl server not using plugin it's installed via WHM not sure what version but it updated in the last few days and now this happens. everything is enabled ?

Offline SergeiP

  • Moderator
  • Comodo Loves me
  • *****
  • Posts: 178
Re: Attacks on wp-login.php
« Reply #3 on: August 16, 2018, 11:29:53 AM »
How did you know that you under attack?
If you don't use any previously saved excludes file ( /usr/local/cwaf/etc/httpd/global/zzz_exclude_global.conf) then all rules protections will be enabled by default work of modsecurity will freeze your server. Also logs sizes will grow.


I recommend you to install CWAF plugin v2.23

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek