{"id":1560,"date":"2015-07-02T22:52:38","date_gmt":"2015-07-02T20:52:38","guid":{"rendered":"https:\/\/www.hostking.host\/blog\/?p=1560"},"modified":"2015-07-02T22:52:38","modified_gmt":"2015-07-02T20:52:38","slug":"how-to-block-wordpress-login-attacks-to-100s-of-websites-on-a-shared-server","status":"publish","type":"post","link":"https:\/\/www.hostking.host\/blog\/how-to-block-wordpress-login-attacks-to-100s-of-websites-on-a-shared-server\/","title":{"rendered":"How To block WordPress Login attacks to 100s of websites on a Shared Server"},"content":{"rendered":"<p>The script is complete! Currently compatible with cPanel servers.<\/p>\n<p>It creates a new random alphanumeric username and math equation every time it runs. The user is asked to enter the random username and the sum of the two random numbers when accessing any wp-login.php on the server.<\/p>\n<p>Instructions:<br \/>\n1) Run this command in SSH:<\/p>\n<div class=\"bbcode_container\">\n<div class=\"bbcode_description\">Code:<\/div>\n<pre class=\"bbcode_code\">touch \/usr\/local\/apache\/conf\/includes\/wordpressprotect.conf<\/pre>\n<\/div>\n<p>2) Open \/usr\/local\/apache\/conf\/includes\/pre_virtualhost_global.conf<br \/>\nRemove any other code which you may have added for wp-login.php HTTP protection and add this line at the beginning of the file:<\/p>\n<div class=\"bbcode_container\">\n<div class=\"bbcode_description\">Code:<\/div>\n<pre class=\"bbcode_code\">Include \"\/usr\/local\/apache\/conf\/includes\/wordpressprotect.conf\"<\/pre>\n<\/div>\n<p>Now save \/usr\/local\/apache\/conf\/includes\/pre_virtualhost_global.conf<\/p>\n<p>3) Create a shell script, with any name, for example wp-login.sh, and add this code:<\/p>\n<div class=\"bbcode_container\">\n<div class=\"bbcode_description\">Code:<\/div>\n<pre class=\"bbcode_code\">#!\/bin\/bash\n# $RANDOM and echo -e used below are bash features\necho \"Generating random username (6 alphanumeric characters)...\"\nusername=`cat \/dev\/urandom | tr -dc 'a-z0-9' | fold -w 6 | head -n 1`\n\necho \"Generating two random 
numbers for math...\"\n# n1 is 10-29, n2 is 1-9; the password is their sum\nn1=$((RANDOM%20+10))\nn2=$((RANDOM%9+1))\nresult=$(($n1 + $n2))\n\necho \"Creating and saving configuration file...\"\n\nCONFFILE=\"\\n\n&lt;LocationMatch \\\"wp-login.php\\\"&gt;\\n\nAuthType basic\\n\nAuthName \\\"WordPress attack protection. Please verify that you are a legitimate user and not an attack bot which attempts to hack this site. DO NOT ENTER HERE YOUR WP-ADMIN USERNAME AND PASSWORD. Enter username: $username Password: The result of math $n1+$n2\\\"\\n\nAuthUserFile \/home\/wp-admin-attack-htpasswd-file\\n\nRequire valid-user\\n\n&lt;\/LocationMatch&gt;\\n\nErrorDocument 401 \\\"Authentication required\\\"\\n\n\\n\"\n\n\necho -e $CONFFILE &gt; \/usr\/local\/apache\/conf\/includes\/wordpressprotect.conf\n# Apache must be able to read both files; neither needs the execute bit\n\/bin\/chmod 0644 \/usr\/local\/apache\/conf\/includes\/wordpressprotect.conf\n\/bin\/rm -f \/home\/wp-admin-attack-htpasswd-file\n\/usr\/local\/apache\/bin\/htpasswd -bc \/home\/wp-admin-attack-htpasswd-file \"$username\" \"$result\"\n\/bin\/chmod 0644 \/home\/wp-admin-attack-htpasswd-file\n\necho \"Restarting Apache (and nginx if exists)...\"\n\/etc\/init.d\/httpd restart\necho \"All done!\"<\/pre>\n<\/div>\n<p>Save it and make it executable:<\/p>\n<div class=\"bbcode_container\">\n<div class=\"bbcode_description\">Code:<\/div>\n<pre class=\"bbcode_code\">chmod +x wp-login.sh<\/pre>\n<\/div>\n<p>Now, every time you want to create new HTTP authentication credentials for all wp-login.php files on the server, just run this new script.<\/p>\n<div class=\"bbcode_container\">\n<div class=\"bbcode_description\">Code:<\/div>\n<pre class=\"bbcode_code\">.\/wp-login.sh<\/pre>\n<\/div>\n<p>Users (or bots) visiting any wp-login.php file will see the message in the attached screenshot.<\/p>\n<p>You can create a cron job which runs this script as often as you want, to set a new random username and math equation.<br \/>\nFor example, to run it every 15 minutes:<\/p>\n<div class=\"bbcode_container\">\n<div 
class=\"bbcode_description\">Code:<\/div>\n<pre class=\"bbcode_code\">*\/15 * * * * \/path\/to\/wp-login.sh<\/pre>\n<\/div>\n<p>Thanks to NetworkPanda on WebHostingTalk.com<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The script is complete! Currently compatible with cPanel servers. It creates a new random alphanumeric username and math equation every time it runs. The user is asked to enter the&hellip;<\/p>\n","protected":false},"author":2,"featured_media":1585,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65,29],"tags":[86,87,60],"class_list":["post-1560","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hostking-news","category-website-and-web-hosting","tag-bruteforce","tag-login","tag-wordpress","entry"],"_links":{"self":[{"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/posts\/1560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/comments?post=1560"}],"version-history":[{"count":0,"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/posts\/1560\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/media\/1585"}],"wp:attachment":[{"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/media?parent=1560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/categories?post=1560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostking.host\/blog\/wp-json\/wp\/v2\/tags?post=1560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","
templated":true}]}}