阻止Wordpress / wp-admin但仍受到攻击
[英]Blocked Wordpress /wp-admin but still under attack
问题描述
Thinking I was being a good developer I blocked access to Wordpress admin using this .htaccess code: 
认为我是一名优秀的开发人员,我使用此.htaccess代码阻止了对Wordpress管理员的访问:
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^XX.XX.XX.XX$ #My IP Address
RewriteRule ^(.*)$ - [R=403,L]
I have Sucuri on the website and it is informing me that someone is trying to hack in by using versions of Author usernames, problem is their IP address changes constantly so I cannot add a Deny. 我在网站上有Sucuri,它告诉我有人试图通过使用Author用户名的版本来破解,问题是他们的IP地址不断变化所以我不能添加拒绝。
I cannot get to the admin with this above htaccess code (if I remove my IP address!) ... how are they!? 我无法通过上面的htaccess代码找到管理员(如果我删除了我的IP地址!)......他们怎么样!?
Thanks, J 谢谢,J
1 个解决方案
解决方案1
0 2016-11-17 08:14:31
try adding/editing .htaccess in wp-admin folder directly: 尝试直接在wp-admin文件夹中添加/编辑.htaccess:
Order Deny,Allow
Deny from all
Allow from xxx.xxx.xxx.xxx #your IP
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.