Web Services

Defeat wp-login.php Brute Force Attack Using Cloudflare & .htaccess

In dealing WordPress Login (wp-login.php) brute force attack, previously, I recommend changing username & password as mentioned in WordPress Brute Force Attack – Change Username/Login ID post.

It does help to prevent the hacker to gain access, but the attack caused another problem as it consumed a large amount of server resources. Plugins such as Brute Force Login Protection may assist you to block the IPs after a number of wrong attempts. However, some of the hackers have large numbers of IPs, from hundreds to thousands of IPs. I encounter this problem & really taxing my server resources similar to DDOS attack.

While looking for better alternative to solve this problem, I found out that if you are using Cloudflare, the request headers contain the country code of the visitor’s origin. The header I’m talking about is the “HTTP_CF_IPCOUNTRY”.

What you to do is to allow only visitors from certain country to access “wp-login.php” file by using “HTTP_CF_IPCOUNTRY” header  and “.htaccess” file.

The example below is only allow visitors from United States & Canada. Change the country code in the third line to make it applicable to your locations.

 <FilesMatch "wp-login.php">
  RewriteEngine on
  RewriteCond %{HTTP:CF-IPCOUNTRY} !^(US|CA)$
  RewriteRule ^ - [F,L]

Cpanel/WHM Backup in Amazon S3

WHM/cPanel, since version 11.42 allow user to do backup to Amazon S3. This is a great choice to do backup by utilizing reliable service like Amazon S3. Furthermore, new S3 user will get FREE 5GB backup storage for a year making this option even valuable. After FREE time is over, the cost is rather small only 3 cents per GB of storage

Below is the steps on how to backup cPanel/WHM in Amazon S3

Amazon S3 Configuration

  1. Login to your Amazon S3 account or create for a new account if you don’t have one.
  2. Browse to Dashboard → Services → S3
  3. Create a Bucket (Make sure there is no “.” dot in the Bucket name. If you have, you unable to connect to amazon servers due SSL issue and will give timeout error.
  4. Browse to Username → Security Credentials → Access Keys (Access Key ID and Secret Access Key)
  5. Click “Create New Access Key” button.
  6. Download the “Access Key” & keep it secure.

cPanel/WHM Configuration

  1. Login to cPanel/WHM
  2. Browse to Backup → Backup Configuration
  3. Edit Global Settings, Scheduling and Retention, Files, Databases & Configure Backup Directory as per your preference.
  4. In Additional Destinations, Select “Amazon S3™” & Click “Create new destination” button.
  5. Add “Destination Name” and optional “Folder” information in the space.
  6. Key-in “Bucket” name as (3) in Amazon S3 Configuration above.
  7. Key-ion “Access Key ID” & “Secret Access Key” as per (6) in Amazon S3 Configuration above.
  8. Click “Save and Validate Destination” Button.