Author Topic: /old/wp-admin/setup-config.php  (Read 1212 times)

Offline needsomehelp

  • Comodo Family Member
  • ***
  • Posts: 89
/old/wp-admin/setup-config.php
« on: May 12, 2017, 10:22:56 AM »
Hi anyone had attacks to wordpress sites like this below ? they have old or test or anyname and just attack them. anyway of stopping these with comodo ?

/old/wp-admin/setup-config.php
/test/wp-admin/setup-config.php

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 357
Re: /old/wp-admin/setup-config.php
« Reply #1 on: May 15, 2017, 04:55:35 AM »
You can use "userdata_bl_URLs" file for these purposes.

Offline needsomehelp

  • Comodo Family Member
  • ***
  • Posts: 89
Re: /old/wp-admin/setup-config.php
« Reply #2 on: May 15, 2017, 05:10:10 AM »
You can use "userdata_bl_URLs" file for these purposes.

Could you explain how i do this please. i also see loads of attacks on wp-login could do with tightening the rule to stop them

Offline akabakov

  • Comodo's Hero
  • *****
  • Posts: 364
Re: /old/wp-admin/setup-config.php
« Reply #3 on: May 15, 2017, 08:18:10 AM »
/old/wp-admin/ and /test/wp-admin could be placed in Comodo WAF - Userdata - Blocked URLs
It should resolve this issue.

Offline needsomehelp

  • Comodo Family Member
  • ***
  • Posts: 89
Re: /old/wp-admin/setup-config.php
« Reply #4 on: May 15, 2017, 08:27:59 AM »
/old/wp-admin/ and /test/wp-admin could be placed in Comodo WAF - Userdata - Blocked URLs
It should resolve this issue.

Hi so put them in userdata_bl_URLs like this below is that correct

# Put your blacklist of URL pathes here
# Only IPs from whitelisted list will be allowed to visit these URLs
/old/wp-admin/
/test/wp-admin

Offline akabakov

  • Comodo's Hero
  • *****
  • Posts: 364
Re: /old/wp-admin/setup-config.php
« Reply #5 on: May 15, 2017, 08:33:33 AM »
Yes, you are right.

Offline needsomehelp

  • Comodo Family Member
  • ***
  • Posts: 89
Re: /old/wp-admin/setup-config.php
« Reply #6 on: May 15, 2017, 08:38:46 AM »
Yes, you are right.

Thanks something new i have learnt. can you tell me how i make the rule for wp-login tighter getting loads of attacks for some reason.

Offline needsomehelp

  • Comodo Family Member
  • ***
  • Posts: 89
Re: /old/wp-admin/setup-config.php
« Reply #7 on: May 31, 2017, 12:24:17 PM »
Thanks something new i have learnt. can you tell me how i make the rule for wp-login tighter getting loads of attacks for some reason.

Hi still getting attacks on these URLs can you tell me do i need to add the full path like /wp/wp-admin/setup-config.php because i only added /old/wp-admin last time

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 357
Re: /old/wp-admin/setup-config.php
« Reply #8 on: May 31, 2017, 04:31:16 PM »
Hi still getting attacks on these URLs can you tell me do i need to add the full path like /wp/wp-admin/setup-config.php because i only added /old/wp-admin last time

Hi, I've tested your case and everything works fine, you can add any part of path to block that request, so simple string "/setup-config.php" (without quotes) in userdatat_bl_URLS should do the job.

Offline needsomehelp

  • Comodo Family Member
  • ***
  • Posts: 89
Re: /old/wp-admin/setup-config.php
« Reply #9 on: May 31, 2017, 05:40:17 PM »
Hi, I've tested your case and everything works fine, you can add any part of path to block that request, so simple string "/setup-config.php" (without quotes) in userdatat_bl_URLS should do the job.

Hi so i can just add /setup-config.php that will work for any name in front ? but i did get an high laod still might be bacuse they attacked all the wordpress sites on the server ? how fast does it block them and can i change to block them faster.

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 357
Re: /old/wp-admin/setup-config.php
« Reply #10 on: June 01, 2017, 05:10:48 AM »
Hi so i can just add /setup-config.php that will work for any name in front ? ...

Correct. Access to this page should be blocked immediately after web server restart for all IPs which not belongs to userdatat_wl_IPs file.

 

Seo4Smf 2.0 © SmfMod.Com Smf Destek