wp-login.php attacks

why do we still get attacks on wp-login then it’s meant to be protected ?

Put your login scripts and pathes here. All of them would be protected by bruteforce protection rules.



  1. Can you please provide audit log for this incident, Cwaf plugin version, web server and it’s details?
  2. Enable brute force protection rules if you already done ignore this.

Don’t have the plugin installed it’s just installed in WHM ModSecurity™ Vendors. Would it be better if i used the plugin

Can you please ask your issue in Mod_security log? | cPanel Forums

that thread was closed 10 years ago ? so why would i want to ask there.

Since you didn’t use Comodo plugin - cwaf. How could I analyse your issues and resolve. This issue not belong to cwaf.
You can create ticket - https://forums.cpanel.net/

I meant we never installed the puglin we added them under WHM ModSecurity

is it just me that’s getting these wp-login attacks my server loads are so high i have started to lose customers now because of this problem

Only way to stop them is add /wp-login.php to userdata_bl_URLs but then customers can’t login admin.

But i need to know why userdata_login_pages wont stop when /wp-login had been added

Since you did not used comodo WAF product. So i could not analyzed your issues and resolved it. Installation and configuration of comodo waf - Comodo Help . After successfully installation Enable brute force protection rules. If you have any queries provide following details for further process.

  1. Web server, cwaf plugin version, and it’s details.

Fred straw
10:35 (2 minutes ago)
to waf

i have used them for ages i use the one installed via modsecurity vendors where you just add the link

all rules have been enabled for years
web server is apache
how do i find what version i have

i think it’s version rule_set=1.215

can you please reply to my ticket been here for weeks now trying to get this sorted

We have released ruleset version 1.216. Please update your rules and enable Bruteforce signature.

why you don’t use this solution, it really works very well. I had the same problem


If you have cpanel and lfd/csf apply immediately