Block wp-login.php Attacks

Hello people,
I have followed some instructions from an article about blocking wp-login.php through a firewall rule.
I see that it is working, and indeed I no longer see failed authorization attempts in our Sucuri Audit logs.

I used the below:
http.request.uri.path contains "/wp-login.php"

However, I see that a couple of customers (WooCommerce) also got blocked. Upon further inspection, I see this string in the Cloudflare logs:

?action=logout&redirect_to=https%3A%2F%2Fdomainhere.com%2Fmy-account%2F&_wpnonce=d3338b178a

Any thoughts about that?

That bit me once because Password Protected pages also use wp-login. So I had to stop using Access to protect wp-login.

If you’re using the premium Sucuri plugin, it should block brute force attacks. But at least make sure you’re using very strong passwords. It’s normal for wp-login to be a target. Just make sure they won’t be successful.

Thanks for the info. I do not use the premium Sucuri plugin, so only the Cloudflare WAF is there to protect (and obviously a very strong pass).

For now I just modified the rule to the below:

Let’s see how it goes.

This topic was automatically closed after 30 days. New replies are no longer allowed.
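
An added example, not part of the thread and not the modified rule mentioned above (the thread does not show it): a Python check that replays constructed requests against the posted expression and against a narrower one, to show which visitor flows each would block. The allow-list of `action` values, the function names and the sample URLs are assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed allow-list of wp-login.php actions that ordinary visitors need:
# "logout" is the link seen in the Cloudflare log above, "postpass" is the
# form that password-protected pages submit to.
VISITOR_ACTIONS = {"logout", "postpass"}


def original_rule(url):
    """Mirror of the posted expression:
    http.request.uri.path contains "/wp-login.php"
    """
    return "/wp-login.php" in urlsplit(url).path


def narrowed_rule(url):
    """Block wp-login.php unless the action parameter itself is allow-listed.

    The parameter value is compared exactly, so the text "action=logout"
    appearing inside another parameter does not exempt a request.
    """
    parts = urlsplit(url)
    if "/wp-login.php" not in parts.path:
        return False
    actions = parse_qs(parts.query).get("action", [])
    return not (len(actions) == 1 and actions[0] in VISITOR_ACTIONS)


# Constructed sample requests; the domain and nonce are placeholders.
SAMPLES = {
    "login form": "https://example.com/wp-login.php",
    "customer logout": "https://example.com/wp-login.php?action=logout"
                       "&redirect_to=https%3A%2F%2Fexample.com%2Fmy-account%2F"
                       "&_wpnonce=0000000000",
    "protected page password": "https://example.com/wp-login.php?action=postpass",
    "logout text in redirect_to": "https://example.com/wp-login.php"
                                  "?redirect_to=%3Faction%3Dlogout",
    "shop page": "https://example.com/my-account/",
}


def blocked(rule):
    """Names of the sample requests that the given rule would block."""
    return sorted(name for name, url in SAMPLES.items() if rule(url))


if __name__ == "__main__":
    print("original:", blocked(original_rule))
    print("narrowed:", blocked(narrowed_rule))
```
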