Attacks on wp-login.php

needsomehelp · August 15, 2018, 11:55am

Hi since the latest update i am getting attacks on wp-login.php anything i can do to stop this.

Serhyo · August 15, 2018, 4:07pm

Hi needsomehelp.
Please provide information about your web server, hosting panel, modsecurity, CWAF plugin and CWAF rules versions.
You can enable Bruteforce protection which disabled by default.

needsomehelp · August 15, 2018, 6:09pm

Capenl server not using plugin it’s installed via WHM not sure what version but it updated in the last few days and now this happens. everything is enabled ?

Serhyo · August 16, 2018, 3:29pm

How did you know that you under attack?
If you don’t use any previously saved excludes file ( /usr/local/cwaf/etc/httpd/global/zzz_exclude_global.conf) then all rules protections will be enabled by default work of modsecurity will freeze your server. Also logs sizes will grow.

needsomehelp · October 31, 2018, 6:40pm

I know because sometimes i get an high server load and it’s attacks to links like this below
wp-content
wp-admin

Serhyo · November 12, 2018, 4:11pm

CWAF rules has DoS protection. It disabled by default and should be enabled only when it needed.

needsomehelp · December 10, 2018, 11:44am

Where do i find that ?

Serhyo · December 11, 2018, 4:09pm

You can find it in file:
11_HTTP_HTTPDoS.conf