Join Log in
Score:0
A. Neodizzi avatar Server

Apache Logfile full of 'wp-login.php' not found or unable to stat because is not WP site

it flag
A. Neodizzi

the server has no sites with WP and I am aware of what those lines in the log files mean, so in order to reduce requests to wp-login.php as soon as possible the question is: let the server respond with 404 as does it currently or is it better to give a 202 answer with a fake wp-login.php? Thank you all.

489
2 + 0
Score:1
Tilman Schmidt avatar Server
bd flag
Tilman Schmidt

Presenting a fake WordPress login page will only increase the number of requests further because the vulnerability scan scripts will then run through their collection of WordPress attacks against the pretended WordPress site. One possible countermeasure is to deploy fail2ban in order to temporarily block IP addresses that cause an excessive number of 404s.

+ 1
A. Neodizzi avatar
it flag
A. Neodizzi
Thanks for the answer, I have to study fail2ban which I already know little and don't know how it integrates with nftables. Thank you have a nice day
0
Reply
Score:0
user189695 avatar Server
tn flag
user189695

fail2ban as suggested by Tilman is a good one. Using a blacklist of known hackers/malware ip adresses is another good one.

What i always do is set a servername on the virtualhosts for all sites and have a default block all. Normal people connect by hostname, hackers/scanners connect by ip (since they most likely scan ip ranges and don't know your hostname). This will stop 90% of the attacks. See Have apache return 403 for everything that isn't a virtual host

+ 1
A. Neodizzi avatar
it flag
A. Neodizzi
thanks for your answer, I checked my configuration and it is as you suggested, so a lot of useless traffic is fixed
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.