a guest Aug 23rd, 2014 300 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. SecRule REQUEST_FILENAME "@streq /xmlrpc.php" "chain,phase:4,id:12345,t:none,block,msg:'Wordpress XML-RPC failed authentication (bf).',logdata:'Number of Authentication Failures: %{ip.xmlrpc_brute}'"
  2. SecRule REQUEST_METHOD "@streq POST" "chain"
  3. SecRule RESPONSE_BODY "@contains Incorrect username or password." "chain,setvar:xmlrpc_brute=+1,expirevar:xmlrpc_brute=900"
  4. SecRule IP:xmlrpc_brute "@gt 2"
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand