Morning all.... It's almost the weekend! Yay.. We are getting so many wordpress site hacks lately, its almost a full time job to catch them all... many of our clients use wordpress, but are not experts, so they do not always update their sites, leading to exploitable hacks.. I was wondering if there is a web firewall of sorts that is available ? Or what do others use or recommend? I already have ispprotect, however, its not real time, so it catches after the damage is already done. Suggestions, comments? Thanks
I just now came across this, which is FREE and has high recommendations! https://wordpress.org/plugins/wp-simple-firewall/installation/
here's a howto for wp-login / fail2ban... not tested it but looks ok https://1fix.io/blog/2015/01/10/wordpress-brute-force-attacks-fail2ban/ But one main issue seems to be, that each website has it's own log file. It would be interesting to know how to setup one fail for all websites...
