Hey,
Anyone else here being attacked lots via word press? We have about 150 clients, 1/2 of which use word press and the server is being attacked all the time from IPs all over the world. I've implemented fail2ban but that's just a bandaid and I've noticed the attacks are getting worse. Usually they just attack with one IP for a bit then stop for a while but on the weekend we got hit with a different IP every min for 2 hours. None the same. So while fail2ban worked each time they still got in 600 attempts (set to ban for 10 min after 5 attempts).
What can I implement in my apache settings to umbrella the wordpress sites on the server (current and future clients)? I don't really want to go through 75 sites and add in http auth files, that's time consuming.
What are you doing to combat the wordpress attacks?
Anyone else here being attacked lots via word press? We have about 150 clients, 1/2 of which use word press and the server is being attacked all the time from IPs all over the world. I've implemented fail2ban but that's just a bandaid and I've noticed the attacks are getting worse. Usually they just attack with one IP for a bit then stop for a while but on the weekend we got hit with a different IP every min for 2 hours. None the same. So while fail2ban worked each time they still got in 600 attempts (set to ban for 10 min after 5 attempts).
What can I implement in my apache settings to umbrella the wordpress sites on the server (current and future clients)? I don't really want to go through 75 sites and add in http auth files, that's time consuming.
What are you doing to combat the wordpress attacks?