ModSec rule for wp-login attacks

Operating System & Version
Cloudlinux 7.8
cPanel & WHM Version
90.0 (build 16)
V

Vs Nu

Well-Known Member
Jul 17, 2015
178
12
68
India
cPanel Access Level
Root Administrator
Do anyone have ModSec rule for WPLogin attacks ?

I had checked Stopping Brute-force Logins Against Wordpress - I break things. but it does not work while adding the rule in ModSec

it gives error

Error: (XID bwc4af) The rule is invalid. Apache returned the following error: AH00526: Syntax error on line 3 of /var/tmp/29053.XML_API___MODSEC_ADD_RULE__.e713b25e.tmp/validate.conf: ModSecurity: No action id present within the rule
 
S

SamuelM

Technical Analyst Team Lead
Nov 20, 2019
196
41
103
USA
cPanel Access Level
Root Administrator
Hello @Vs Nu

I recommend you install the cPanel-provided OWASP ModSecurity Core Rule Set. The OWASP CRS has rules that detect brute force attacks. The page I linked provides instructions for installing this rule set.

I would also suggest you refer to this article from our support center that covers other methods of dealing with Wordpress brute force attacks.

Please let us know if you have any questions.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
G In Progress ZC-11209 - ModSec custom rules lost after Leapp upgrade Web Servers and Applications 3
G Performance of mod_security2, mod_unique_id, and modsec2-rules-owasp-crs Web Servers and Applications 2
A OWASP ModSecurity Core Rule Set V3.0 breaks after every update Web Servers and Applications 7
N disable/enable a modsecurity rule thru ssh Web Servers and Applications 2
007basaran Rule processing failed mod_cgi.c - ModSecurity Web Servers and Applications 7
Similar threads
In Progress ZC-11209 - ModSec custom rules lost after Leapp upgrade
Performance of mod_security2, mod_unique_id, and modsec2-rules-owasp-crs
OWASP ModSecurity Core Rule Set V3.0 breaks after every update
disable/enable a modsecurity rule thru ssh
Rule processing failed mod_cgi.c - ModSecurity
Top Bottom