Blocking access to all WordPress sites on a cPAnels erver

[AtlantisStargate]

Hi all,

in recent months when I guess people have more free time I'm noticing a huge rise in bruteforce attacks towards WordPress /wp-admin pages.

I wanted to know if there is a possibility to restrict access to this link for all WordPress pages hosted on the cPanel server. All of my customers come from one country so I'd block access to this link for all IP's outside my country using GEOIP I guess, but I want to do it server-wide. If the customer needs access from another IP our country they can simply enable it with their.htaccess file.

Best

 

[GoWilkes]

I've been working on something similar. I blocked wp-admin serverwide by creating a .conf file at:

/etc/apache2/conf.d/userdata

Something like:

# exploits.conf
RewriteEngine on

RewriteCond %{REQUEST_URI} /wp-admin
RewriteRule ^ - [F]

You can add another RewriteCond to allow exceptions based on whatever criteria you like.

You can also use CSF's CC_ALLOW_FILTER to block access to the server to the US (which is what I do), but if any of your accounts have non-US customers then it would block them, too.

 

[sahostking]

Install CSF which is free and edit the regex.pm file to block access to brute force attacks on the wp-login.php and xmlrpc.php files.

Otherwise u might run into issues with plugins or customers trying to access that "path".

A ensure at very least you have comodo waf ruleset for modsecurity.

That should sort it out

 

[cPRex]

The earlier posts are great suggestions!