Web Filtering on Firewall of WP directories

  • This is my Pro-Trump web page. It gets a lot of attention both good and very bad. On my Fortinet 60E firewall, I turned on DoS policies and get udp_flood attacks daily. I get severity 5 attacks on WordPress 10x or more a day.

    I have web filtering blocking wp_admin. What other directories can I web filter to lock down the firewall better to protect my web sites? Fortinet said the attacks on my web site are some of the worst they have ever seen. UDP_Floods in the 90,000+ per event.

    My server is running Ubuntu 18.04.2 with LTS enablement. All the patches are applied. I am on the latest Apache, MariaDB and PHP versions. I read The Hacker News daily.


Viewing 6 replies - 1 through 6 (of 6 total)
  • If you are not using Cloudflare you may want to give it a try. Even on the free tier Cloudflare provides tools to help you overcome a DDoS attack. See https://community.cloudflare.com/t/under-ddos-attack-first-steps/89476

    The 60E does web filtering. Can I block wp_includes and other directories in WP? Every outside connection to website.com/wp-admin is blocked. Do I need to add other directories?

    Cloudflare is too much for what I need.

    I block /wp_admin except for /wp_admin/admin-ajax.php, and except for my IPs. I also block: /wp-login.php (since I change my login url); /xmlrpc.php (since I don’t make use of it); php files in /wp-content/uploads; and /wp-config.php.

    AFAIK, other than maybe xmlrpc.php, my blocking would do little to thwart a DDoS attack – but I see a lot of bad-bot-blocks in my firewall log.
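The path rules listed in the reply above, written out as an added example (not part of any post in this thread) so they can be checked against test requests before they go into a firewall or server filter. It uses WordPress's hyphenated directory names (`wp-admin`, `wp-content`); the admin network, the sample requests and the choice to block the three single files for every client are assumptions.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

# Assumption: the site owner's own addresses (documentation range, constructed).
ADMIN_NETS = [ipaddress.ip_network("203.0.113.0/28")]
ALWAYS_BLOCKED = {"/wp-login.php", "/xmlrpc.php", "/wp-config.php"}
# PHP anywhere under uploads, including PATH_INFO forms such as /x.php/extra.
UPLOAD_PHP = re.compile(r"^/wp-content/uploads/.*\.php(/|$)")

def normalize(target):
    """Reduce a request target to the path the filter should match on."""
    path = unquote(target.split("?", 1)[0])            # drop query, decode %xx once
    path = posixpath.normpath("/" + path.lstrip("/"))  # collapse //, /./ and /../
    return path.lower()  # matching case-insensitively only widens the deny rules

def decide(client_ip, target):
    """Return "block" or "allow" for one request."""
    path = normalize(target)
    if path in ALWAYS_BLOCKED or UPLOAD_PHP.match(path):
        return "block"
    if path == "/wp-admin" or path.startswith("/wp-admin/"):
        if path == "/wp-admin/admin-ajax.php":
            return "allow"  # front-end AJAX endpoint stays reachable
        addr = ipaddress.ip_address(client_ip)
        return "allow" if any(addr in net for net in ADMIN_NETS) else "block"
    return "allow"

# Constructed sample requests: (client IP, request target).
SAMPLES = [
    ("198.51.100.7", "/wp-admin/admin-ajax.php?action=heartbeat"),
    ("198.51.100.7", "/wp-admin/options.php"),
    ("203.0.113.5", "/wp-admin/options.php"),
    ("198.51.100.7", "/wp-admin/admin-ajax.php/../options.php"),
    ("198.51.100.7", "//wp-login.php"),
    ("198.51.100.7", "/%77p-config.php"),
    ("198.51.100.7", "/wp-content/uploads/2019/08/kids.jpg"),
    ("198.51.100.7", "/wp-content/uploads/2019/08/x.php/extra"),
]

def evaluate(samples=SAMPLES):
    """Return (client IP, target, verdict) for each sample request."""
    return [(ip, target, decide(ip, target)) for ip, target in samples]

if __name__ == "__main__":
    for ip, target, verdict in evaluate():
        print(f"{verdict:5}  {ip:15}  {target}")
```

The fourth, fifth and sixth samples are the ones a plain prefix or exact-string match gets wrong, which is why the path is normalized before any rule is applied.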

    I will check on wp-contents/uploads. Ubuntu 18.04.2 with LTS Enablements for the latest 4.18.x Kernel. I set rights to 755 on all www directories and subdirectories. I do full backups with Veeam.

    DoS policies have udp_flood to block. I have had 4 of them in the 85,000-95,000 range.

    IPS blocks all WordPress attacks.

    I am on WP 5.22. Apache, MariaDB and PHP are the latest versions and set up with their repos.

    wp-contents/uploads is all my kids' pictures. Ubuntu has the rights 755 like WordPress hardening said to do. Only my user can write to it. MariaDB updated today. So did the Ubuntu 18.04 LTS Enablement Kernel, which is now 5.0. I would recommend you run Apache2 2.04.39 because of an exploit in 38 and below. I am on PHP 7.3.7.2 because of an exploit on the earlier versions.

    Cloudflare protected 8Chan up to today. 8Chan is used by White Supremacists, AntiFA, BLM and other hate groups. Today, they finally shut them down.

  • The topic ‘Web Filtering on Firewall of WP directories’ is closed to new replies.