Blocking access to all WordPress sites on a cPAnels erver

AtlantisStargate

• December 05, 2020 06:30

Hi all, in recent months when I guess people have more free time I'm noticing a huge rise in bruteforce attacks towards WordPress /wp-admin pages. I wanted to know if there is a possibility to restrict access to this link for all WordPress pages hosted on the cPanel server. All of my customers come from one country so I'd block access to this link for all IP's outside my country using GEOIP I guess, but I want to do it server-wide. If the customer needs access from another IP our country they can simply enable it with their.htaccess file. Best

• 

  GoWilkes

  • December 07, 2020 00:22

  I've been working on something similar. I blocked wp-admin serverwide by creating a .conf file at: /etc/apache2/conf.d/userdata Something like: # exploits.conf RewriteEngine on RewriteCond %{REQUEST_URI} /wp-admin RewriteRule ^ - [F]
  You can add another RewriteCond to allow exceptions based on whatever criteria you like. You can also use CSF's CC_ALLOW_FILTER to block access to the server to the US (which is what I do), but if any of your accounts have non-US customers then it would block them, too.

  0
• 

  sahostking

  • December 07, 2020 06:10

  Install CSF which is free and edit the regex.pm file to block access to brute force attacks on the wp-login.php and xmlrpc.php files. Otherwise u might run into issues with plugins or customers trying to access that "path". A ensure at very least you have comodo waf ruleset for modsecurity. That should sort it out

  0
• 

  cPRex Jurassic Moderator

  • December 07, 2020 15:12

  The earlier posts are great suggestions!

  0

Please sign in to leave a comment.