summaryrefslogtreecommitdiff
path: root/templates/vhosts/php_wordpress/partial.erb
diff options
context:
space:
mode:
Diffstat (limited to 'templates/vhosts/php_wordpress/partial.erb')
-rw-r--r--templates/vhosts/php_wordpress/partial.erb13
1 files changed, 13 insertions, 0 deletions
diff --git a/templates/vhosts/php_wordpress/partial.erb b/templates/vhosts/php_wordpress/partial.erb
index 42f3cb5..1a02d68 100644
--- a/templates/vhosts/php_wordpress/partial.erb
+++ b/templates/vhosts/php_wordpress/partial.erb
@@ -4,3 +4,16 @@
<Directory "<%= @documentroot %>/wp-content/w3tc/dbcache">
Deny From All
</Directory>
+
+ # simple wp-login brute force protection
+ # http://www.frameloss.org/2013/04/26/even-easier-brute-force-login-protection-for-wordpress/
+ RewriteEngine On
+ RewriteCond %{HTTP_COOKIE} !<%= cookie = scope.function_sha1([scope.function_fqdn_rand([9999999999999,@name]).to_s + "cookie"]) %>
+RewriteRule /wp-login.php /wordpress-login-<%= tmpuri = scope.function_sha1([scope.function_fqdn_rand([9999999999999,@name]).to_s + "wp-login"]) %>.php [R,L]
+<Location /wordpress-login-<%= tmpuri %>.php>
+ CookieTracking on
+ CookieExpires 30
+ CookieName <%= cookie %>
+ </Location>
+ RewriteRule /wordpress-login-<%= tmpuri %>.php /wp-login.php [NE]
+