Hundreds lines of log in wordpress show that, attackers are just trying passwords via xmlrpc.php. Add protection using the WP fail2ban plugin, inspired by the post here.
Tag: wordpress
Enabing Pretty Permalinks
Well.. long time no see. Just have some time to optimize the site for better analysis.
According to the official tutorial:
1. Enable mod_rewrite in apache2.
|
1 |
# sudo a2enmod rewrite |
2. Enable FollowSymLinks option, which is default.
3. Enable FileInfo directives. Edit /etc/apache2/sites-available/yoursite.com.conf, add:
|
1 2 3 4 |
<Directory /home/yourname/yoursite/> Require all granted AllowOverride FileInfo </Directory> |
4. Restart apache:
|
1 |
# sudo service apache2 restart |
Updated Dec 31, 2015:
Enabling mod_rewrite rewrites all requests including the one used by mod_status. To disable this, add a rule to the .htaccess file.
|
1 |
RewriteCond %{REQUEST_URI} !=/server-status |
Then, change its user & group attributes to prevent overwriting from apache.
3 New Plugins Installed
Just added another personal site for one of my friends. So another chance to speed up loading for my own site, from mainland china >.<
1. Disable google fonts: Remove Google Fonts References
2. Use local avatar: WP User Avatar
3. Use local emoji: WP Local Emoji (installed, but not activated.)