WordPress.org

Ready to get started?Download WordPress

Forums

Limit Login Attempts
cPanel/WHM and Blocking Serverwide Hack Attempts (2 posts)

  1. GiraffeDog
    Member
    Posted 1 year ago #

    I've just made a little modification that I thought I'd share for this. We host multiple WP sites with cPanel and it'd be nice to drop the banstick down on any would be WP hackers:

    To do this, you need to alter the limit-login-attempts.php file in particular the start of the limit_login_notify_email() function. I've included the line above and below so you can see where to insert it:

    function limit_login_notify_email($user) {
            $ip = limit_login_get_address();
    
            // Added by GiraffeDog.net so we can blacklist serverwide for an IP using cPanel
            $iparr = split ("\.", $ip);
    
            // Blacklist URL - This is cPanel URL
            $blacklisturl = "https://" . $_SERVER['SERVER_ADDR'] . ":2087/cgi/bl.cgi?ip=";
    
            // EO: GiraffeDog.net Addition
    
            $whitelisted = is_limit_login_ip_whitelisted($ip);

    I've then edited the end of the function to include a link in the email to Server's WHM's blacklist URL:

    $admin_email = is_limit_login_multisite() ? get_site_option('admin_email') : get_option('admin_email');
    
            // Added by GiraffeDog.net to allow us to blacklist the IP across all sites via WHM
            $message .= "
    Please use the following links to add to the black list:
    
    Single IP:  " . $blacklisturl . $iparr[0] . "." . $iparr[1] . "." . $iparr[2] . "." . $iparr[3] . "
           /24: " . $blacklisturl . $iparr[0] . "." . $iparr[1] . "." . $iparr[2] . ".0/24
           /16: " . $blacklisturl . $iparr[0] . "." . $iparr[1] . ".0.0/16
    ";
    
            @wp_mail($admin_email, $subject, $message);

    Now if you're getting lots of attempts from an IP, you can further ban them from the entire server.

    It might be of use to you guys, just thought I'd share :)

    GD

    http://wordpress.org/extend/plugins/limit-login-attempts/

  2. GiraffeDog
    Member
    Posted 1 year ago #

    Oh by the way the WHM links at the bottom allow you to block, the IP, or the 24/16 ranges which could be a little extreme, but I thought it may be of use to someone :)

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic