Blocking access to all WordPress sites on a cPAnels erver

Operating System & Version
CENTOS 7.9 kvm
cPanel & WHM Version
v92.0.3
Oct 18, 2020
8
2
3
Slovenia
cPanel Access Level
Root Administrator
Hi all,

in recent months when I guess people have more free time I'm noticing a huge rise in bruteforce attacks towards WordPress /wp-admin pages.

I wanted to know if there is a possibility to restrict access to this link for all WordPress pages hosted on the cPanel server. All of my customers come from one country so I'd block access to this link for all IP's outside my country using GEOIP I guess, but I want to do it server-wide. If the customer needs access from another IP our country they can simply enable it with their.htaccess file.

Best
 

GoWilkes

Well-Known Member
Sep 26, 2006
613
25
168
cPanel Access Level
Root Administrator
I've been working on something similar. I blocked wp-admin serverwide by creating a .conf file at:

/etc/apache2/conf.d/userdata

Something like:

Code:
# exploits.conf
RewriteEngine on

RewriteCond %{REQUEST_URI} /wp-admin
RewriteRule ^ - [F]
You can add another RewriteCond to allow exceptions based on whatever criteria you like.

You can also use CSF's CC_ALLOW_FILTER to block access to the server to the US (which is what I do), but if any of your accounts have non-US customers then it would block them, too.
 
  • Like
Reactions: cPRex

sahostking

Well-Known Member
May 15, 2012
389
16
68
Cape Town, South Africa
cPanel Access Level
Root Administrator
Twitter
Install CSF which is free and edit the regex.pm file to block access to brute force attacks on the wp-login.php and xmlrpc.php files.

Otherwise u might run into issues with plugins or customers trying to access that "path".

A ensure at very least you have comodo waf ruleset for modsecurity.

That should sort it out
 
  • Like
Reactions: cPRex