Last active
August 29, 2015 14:24
-
-
Save jackygurui/bf9587a9db27193f2f64 to your computer and use it in GitHub Desktop.
Block IP that brute forcing wordpress logins in one line. Requres UFW
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| grep 11/Jul/2015 access_log | grep "POST /wp-login.php" | awk '{ print $1 }' | sort -n | uniq -c | sort -rn | grep "\\([1-9][0-9][0-9][0-9]\\+\\) " | awk '{ print $2 }' | xargs -n 1 ufw insert 1 deny from | |
| # or change the grep criteria to suit your need. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment