When the default WordPress login URL comes under a brute-force attack, a ModSecurity rule is triggered and blocks access to the page. The lockout should expire at the top of the hour, but there are options to avoid the wait.
The instructions below explain how to disable ModSecurity and install a plugin to hide the wp-admin URL. You can also add password protection to the wp-admin page/folder in cPanel to bypass the ModSecurity block. This works because the page is not accessible without a username and password, so bots are not able to reach it.
Bypass ModSecurity Block
- To remove the ModSecurity temporary lockout page:
- Log into the appropriate cPanel
- Navigate to ModSecurity, located in the Security section
- Using the toggle, change the Status from On to Off for the appropriate domain
IMPORTANT: The wp-admin page should now be accessible.
TIP: Install a plugin to hide the wp-admin and then reactivate ModSecurity.
- Install WPS Hide Login plugin on WordPress
- Log into the WordPress dashboard
- Hover over Plugins and click the Add New button
- Search for WPS Hide Login plugin
- Click the Install Now button for the WPS Hide Login plugin
- Once installed, click the Activate button
NOTE: Installing and activating this plugin changes the login slug to /login, bypassing the mod_sec lockout.
TIP: Once back in the dashboard, you can customize the login/admin slug to whatever you like, preventing future lockouts. Bots aren't very smart, and only look for /wp-admin.
- Alternative Method:
- Another method for bypassing ModSecurity is to password protect the wp-admin page
- Log into cPanel
- Locate the Document Root of the domain
IMPORTANT: Be sure to remember the document root location of the domain.
- Locate the Directory Privacy button under Files
- Password protect the folder called wp-admin
- Access the wp-admin page by entering the newly created credentials, then log in
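For reference, Directory Privacy in cPanel works by writing HTTP Basic authentication directives to an .htaccess file inside the protected folder. The fragment below is an added illustration, not part of the original article: the realm name and the AuthUserFile path are placeholders, and the admin-ajax.php exception is an optional extra, assuming Apache 2.4, for sites whose front-end features call that file.

```apache
# <document root>/wp-admin/.htaccess
# Illustrative only. Values marked PLACEHOLDER are assumptions, not taken
# from the article; cPanel fills in the real ones when the folder is protected.

# Require a valid username and password before anything in wp-admin is served.
# Requests without credentials get a 401 response from Apache itself,
# so they never reach wp-login.php or the WordPress login form.
AuthType Basic
AuthName "PLACEHOLDER realm name"
AuthUserFile "/home/PLACEHOLDER_CPANEL_USER/PLACEHOLDER_PATH/passwd"
Require valid-user

# Optional: some themes and plugins send front-end requests to
# wp-admin/admin-ajax.php. Without an exception, ordinary visitors would be
# shown the password prompt. Exempt only this one file (Apache 2.4 syntax);
# everything else in wp-admin stays behind the password.
<Files "admin-ajax.php">
    Require all granted
</Files>
```

Basic authentication sends the credentials with every request, so the wp-admin URL should be reached over HTTPS.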