Block Hackers Without Using .htaccess | WordPress.org

TIves
(@tives)

11 years ago

Hello all,

Looking for a little help please. I do not have access to the .htaccess file as it is a shared file across all blogs (don’t ask me!!).

About one to two times a week we get brute-force attempts against wp-login.php. When this file is accessed a call is mase to the dB, and at 100s of requests per minute it crashes the site.

I have placed a php redirect in the wp-login file so that I can send these attempts somewhere else. However, I am finding that the dB is still being spun-up. Here’s the code I used:

if ($_SERVER[“REMOTE_ADDR”] = “205.204.81.148”){
header(‘location:http://www.blahblah.com’);
}

Is there anyway to intercept the call prior to it hitting this file (without using .htaccess)?

What if I change the name of wp-login to something else, and then in wp-login simply vet the IP address and if all is good do a redirect to the new file name?

Any thoughts you may have would be greatly appreciated.

Thanks!

Trip

The topic ‘Block Hackers Without Using .htaccess’ is closed to new replies.

Tags

In: Fixing WordPress
0 replies
1 participant
Last reply from: TIves
Last activity: 11 years ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics