How did you configure the “Login Protection” options?
Thread Starter
Torgut
(@torgut)
Always ON, Password,
XML-RPC API ON
Bot protection ON
Authentication log OFF
Signature OFF
Did you check your server HTTP logs to see if the attack is only targeting the wp-login.php page (or if it targets the whole website), and how many HTTP requests per seconds is it? On a small VPS, NinjaFirewall can handle at least 300 HTTP requests per seconds and on a large one, it can be 1,000+ RPS.
Thread Starter
Torgut
(@torgut)
It was a total of 1765 requests. Not per second. Total. I didn’t check the logs, I can ask the engineer if that’s determinant.
That’s a small attack.
If your admin can check the log that would help to see what happened, asked them to:
-check that all requests were blocked by the firewall (it always returns a 4xx error code – either 404 or 403).
-check that only the wp-login.php page was attacked, not the whole site.
Also, make sure you don’t have some rewrite rules in your .htaccess that could interfere with the firewall protection, i.e., if you have another security plugin installed.
