am the small business owner and runs my own web-site. I have noticed increased cracking activity against by blog. What’s the best way to block WordPress URLs such as example.com/blog/wp-login.php and example.com/blog/wp-admin/ in the nginx web-server?
Attacks on WordPress based sites are not new. However, recently many news outlets reported that there’s a fairly large brute force attack happening on WordPress users on multiple hosts. The attacker is brute force attacking the WordPress administrative portals (example.com/wp-admin/), using the username “admin” and trying thousands of passwords.
Nginx block access WordPress administrative portals
Edit the file nginx.conf, enter:
# vi /etc/nginx/nginx.conf
Append the following all and deny all nginx config directives in server context:
location ~ ^/(wp-admin|wp-login\.php) { allow 1.2.3.4; deny all; } |
If your blog located in /blog/ sub-directory, try:
location ~ ^/blog/(wp-admin|wp-login\.php) { allow 1.2.3.4; deny all; } |
Replace 1.2.3.4 with your actual static IP address. Here is a sample config file
upstream apachebackend { server 192.168.1.10:8080 weight=6; server 192.168.1.11:8080 weight=5; server 192.168.1.12:8080 weight=5; server 192.168.1.13:8080 weight=5; #server 127.0.0.1:8080 weight=1; } server { access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; index index.html; listen 75.126.153.206:80 default; root /usr/share/nginx/html; server_name cyberciti.biz www.cyberciti.biz; ## PROXY - Web location / { proxy_pass http://apachebackend; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ~ ^/(wp-admin|wp-login\.php) { allow 1.2.3.4; deny all; proxy_pass http://apachebackend; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } |
Restart / reload the nginx web-server, enter:
# /etc/init.d/nginx reload