Block Hackers Without Using .htaccess
-
Hello all,
Looking for a little help please. I do not have access to the .htaccess file as it is a shared file across all blogs (don’t ask me!!).
About one to two times a week we get brute-force attempts against wp-login.php. When this file is accessed a call is mase to the dB, and at 100s of requests per minute it crashes the site.
I have placed a php redirect in the wp-login file so that I can send these attempts somewhere else. However, I am finding that the dB is still being spun-up. Here’s the code I used:
if ($_SERVER[“REMOTE_ADDR”] = “205.204.81.148”){
header(‘location:http://www.blahblah.com’);
}Is there anyway to intercept the call prior to it hitting this file (without using .htaccess)?
What if I change the name of wp-login to something else, and then in wp-login simply vet the IP address and if all is good do a redirect to the new file name?
Any thoughts you may have would be greatly appreciated.
Thanks!
Trip
- The topic ‘Block Hackers Without Using .htaccess’ is closed to new replies.