securityTag Archive

SETTING MAX PASSWORD LOGIN ATTEMPTS PER SESSION In CENTOS -7 Date Posted : 27/02/2019 Introduction For every session, it is essential to set a max password login attempt. This helps to ensure that unauthorized users are prevented from attempting a brute force attack on the server. In most cases, you… Continue Reading SETTING MAX PASSWORD LOGIN ATTEMPTS PER SESSION In CENTOS -7

Block wp-login.php based on country through mod_security Date Posted: 17-02-2018 WordPress is popular CMS which receives large number of DDOS login attempts generally. As a system administrator or site owner, if we dont feel that the traffic is not genuine from some other country, we can restrict wp-login.php   only from… Continue Reading Block wp-login.php based on country through mod_security

WordPress post xmlrpc.php attack Prevention Date Posted: 17-07-2017 This post explains on how to prevent xmlrpc.php attack on wordpress website. If we seen below error or continuous POST request to xmlrpc.php on access log will be best way to identify attack. 2017/07/17 06:25:46 [error] 14858#14858: *411668 connect() to unix:/run/php/php7.0-fpm.sock failed… Continue Reading WordPress post xmlrpc.php attack Prevention

Date Posted:24/03/2017 By default, webserver version, OS information will be visible to public which consider as a security problem because its not a good practice to expose server information. This may result in hackers to intrude your server incase if any vulnerability. So, its always good to hide all server… Continue Reading Hide Webserver information|Modify Server Header on Nginx