How To Handle An Xmlrpc WordPress Attack On Nginx Server

I'm not really a system administrator and these steps are just based on my personal experience in securing our own WordPress websites.

Lately there have been a lot of attacks on WordPress sites (since it's a popular framework), particularly on Windows machines. So we decided to migrate to a Linux machine. Obviously we still got a lot of attacks; one of the nasty ones is a DoS (denial of service), and here's how we handled it:


  1. Install akismet plugin.
  2. Install wordfence plugin - this one is really good.
  3. If you know how to type commands on Linux, run tail -f /var/log/nginx/access.log. This will show the most frequent request together with its IP. Take note of it and, under WordFence->Blocked IPs, add it.
  4. Install and configure iptables.
  5. Block the IP in iptables (INPUT chain):
    # add
    sudo iptables -A INPUT -s [IP ADDRESS] -j DROP
    # or insert as a first rule
    sudo iptables -I INPUT 1 -s [IP ADDRESS] -j DROP
    # check if configured correctly
    sudo iptables -L --line-numbers
    # to remove a rule
    sudo iptables -D INPUT [line-number]
  6. Configure nginx.conf to block xmlrpc requests (make sure that you are not using it). Normally you don't. Create nginx.conf in your webroot with the following contents:
    # nginx configuration
    location /xmlrpc.php {
        deny all;
    }
    Here's an htaccess to nginx converter, just in case you need it: http://winginx.com/en/htaccess.
  7. Set up fail2ban. Google on how-to. Here's my favorite: https://www.digitalocean.com/community/tutorials/how-to-protect-an-nginx-server-with-fail2ban-on-ubuntu-14-04.
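
Step 3 relies on spotting the noisy IP by eye in the tail output. The script below is an added example, not part of the original post: it counts POST requests to /xmlrpc.php per client IP. It assumes nginx's default "combined" log format; the function names and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes nginx's default
# "combined" log format: $1 = client IP, $6 = "METHOD, $7 = request URI.

# top_xmlrpc_ips LOGFILE [MIN_HITS]
# Prints "COUNT IP", highest count first, for every client that sent at
# least MIN_HITS POST requests to /xmlrpc.php. LOGFILE may be "-" for stdin.
top_xmlrpc_ips() {
    awk -v min="${2:-1}" '
        $6 == "\"POST" {
            uri = $7
            sub(/\?.*/, "", uri)              # drop any query string
            if (uri == "/xmlrpc.php") hits[$1]++
        }
        END {
            for (ip in hits)
                if (hits[ip] >= min) print hits[ip], ip
        }
    ' "$1" | sort -k1,1nr -k2,2
}

# Constructed sample log lines (RFC 5737 documentation addresses).
sample_log() {
    cat <<'EOF'
203.0.113.7 - - [10/Oct/2016:13:55:36 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2016:13:55:36 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Oct/2016:13:55:37 +0000] "POST /xmlrpc.php?rsd HTTP/1.1" 200 370 "-" "curl/7.47.0"
192.0.2.10 - - [10/Oct/2016:13:55:37 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2016:13:55:38 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
192.0.2.10 - - [10/Oct/2016:13:55:38 +0000] "POST /wp-login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Oct/2016:13:55:39 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "curl/7.47.0"
192.0.2.55 - - [10/Oct/2016:13:55:39 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2016:13:55:40 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
EOF
}

# Run on the sample; on a server: top_xmlrpc_ips /var/log/nginx/access.log 20
sample_log | top_xmlrpc_ips - 2
```

The addresses it lists are the candidates for the WordFence block list in step 3 and the iptables rule in step 5.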