I have followed some instructions from an article about blocking wp-login.php through a firewall rule.
I see that it is working, and indeed I no longer see failed authorization attempts through our Sucuri Audit logs.
I used the below:
http.request.uri.path contains "/wp-login.php"
However, I see that a couple of customers (WooCommerce) also got blocked. Upon further inspection, I see this string in the Cloudflare logs:
Any thoughts about that?
That bit me once because Password Protected pages also use wp-login. So I had to stop using Access to protect wp-login.
If you’re using the premium Sucuri plugin, it should block brute force attacks. But at least make sure you’re using very strong passwords. It’s normal for wp-login to be a target. Just make sure they won’t be successful.
Thanks for the info. I do not use the premium Sucuri plugin, so only the Cloudflare WAF is there to protect (and obviously a very strong pass).
For now I just modified the rule to the below:
Let’s see how it goes.
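Added example, not part of the thread: a small Python triage that mirrors the rule's `contains "/wp-login.php"` match over blocked requests and groups them by the `action` query parameter that wp-login.php dispatches on, showing which non-login flows (such as the password-protected page form, `action=postpass`) a path-only block also catches. The event field names and the sample lines are constructed for illustration and are not a Cloudflare export format.

```python
import json
from collections import Counter
from urllib.parse import parse_qs

# Constructed sample events (JSON lines). The field names "method", "path" and
# "query" are assumptions for this example, not a Cloudflare export format.
SAMPLE_EVENTS = """\
{"method": "POST", "path": "/wp-login.php", "query": ""}
{"method": "POST", "path": "/wp-login.php", "query": ""}
{"method": "POST", "path": "/wp-login.php", "query": "action=postpass"}
{"method": "GET", "path": "/wp-login.php", "query": "action=logout&_wpnonce=abc123"}
{"method": "GET", "path": "/wp-login.php", "query": "action=lostpassword"}
{"method": "GET", "path": "/shop/cart/", "query": ""}
"""

# With no "action" parameter wp-login.php serves the login form, which is
# what credential-guessing traffic posts to.
CREDENTIAL_ACTIONS = {"login"}


def rule_matches(path):
    """Mirror of the thread's rule: http.request.uri.path contains "/wp-login.php"."""
    return "/wp-login.php" in path


def wp_login_action(query):
    """Return the wp-login.php action for a query string ("login" if absent)."""
    values = parse_qs(query, keep_blank_values=True).get("action")
    return values[0] if values and values[0] else "login"


def triage(lines):
    """Count rule-matched requests per action and list the non-login flows hit."""
    counts = Counter()
    for line in lines:
        if not line.strip():
            continue
        event = json.loads(line)
        if rule_matches(event["path"]):
            counts[wp_login_action(event["query"])] += 1
    collateral = sorted(a for a in counts if a not in CREDENTIAL_ACTIONS)
    return counts, collateral


if __name__ == "__main__":
    counts, collateral = triage(SAMPLE_EVENTS.splitlines())
    print("blocked by action:", dict(counts))
    print("non-login flows also blocked:", collateral)
```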