IThemes Security Brute Force Attack wp-login.php 302 redirect | ww.wp.xz.cn

Resolved robertopucc
(@robertopucc)

10 years, 8 months ago

Hi
on one of my sites wordpress ‘m getting the brute force attach for file wp-login.php.
from my logs I see “POST /wp-login.php HTTP / 1.0” 302.
why 302 and not 404? With 404 we can ban them automatically.
Instead the 302 continue to massacre the server resources.

can I have a 404?

https://ww.wp.xz.cn/plugins/better-wp-security/

Viewing 3 replies - 1 through 3 (of 3 total)

dwinden
(@dwinden)

10 years, 8 months ago

@robertopucc

If you have enabled the iTSec plugin Hide Backend and Enable Theme Compatibility settings then disable the Enable Theme Compatibility setting (if not needed).

This will block wp-login.php requests as 404.

If the provided info answers your question please mark this topic as ‘resolved’.

dwinden

dwinden
(@dwinden)

10 years, 7 months ago

@robertopucc

If you require no further assistance please mark this topic as ‘resolved’.

dwinden

Thread Starter robertopucc
(@robertopucc)

10 years, 7 months ago

thanks

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘IThemes Security Brute Force Attack wp-login.php 302 redirect’ is closed to new replies.

3 replies
2 participants
Last reply from: robertopucc
Last activity: 10 years, 7 months ago
Status: resolved