The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Protection against brute force attacks

Discussion in 'Security' started by moodyeye12, Feb 23, 2017.

  1. moodyeye12

    moodyeye12 Registered

    Joined:
    Feb 23, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    I have a two servers with WHM on with over 90 websites on them, most of them are running Wordpress. The issue that I am having is that every few days there is a massive increase in traffic going to the index, xmlrpc . wp-login.php files etc. A certain amount of that would be genuine traffic but not all of it. I do have Wordfence installed on the Wordpress websites and I have the options enabled on them to block access after X amount of failed attempts, but that wouldn't stop them or they would just change I.P. addresses after a while.

    I have tried to use the Host Access Control to try block an I.P. address but that didn't work. I tried to block my I.P. but it didn't block it (I would have access via a different I.P address if it did block mine). Even if it did block it, it wouldn't really be feasible to add all the I.P's to it every time.

    I did install Munin on one of the servers earlier to see if that will give me some more information.

    I was thinking on looking more into Cloudflare and their services and it can be integrated with cPanel

    Is there anything I can install/get for the servers that would help?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page