How to secure wordpress with mod_security

0

You can add extra security to your wordpress website by using the mod_security

You can block one or more specific countries to access your website like this:

  • download GeoIP database

mkdir /usr/share/geoip/
cd /usr/share/geoip/
wget -N http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
gzip -df GeoIP.dat.gz

  • add rules to mod_security2


SecGeoLookupDb /usr/share/geoip/GeoIP.dat
SecRule REMOTE_ADDR “@geoLookup” “chain,id:20,drop,msg:’High Risk Fraud Location'”
#SecRule GEO:COUNTRY_CODE “@streq CN”  // mod_security block only one country
SecRule GEO:COUNTRY_CODE “@pm UA ID YU LT EG CN BG TR RU PK MY IL” // mod_security block a specific list of countries

# mod_security allow only one country to be able to access the admin area from wordpress
# mod_security block all countries except one

<Locationmatch “/wp-admin/”>
SecRule REMOTE_ADDR “@geoLookup” “chain,id:20,drop,msg:’High Risk Fraud Location'”
SecRule GEO:COUNTRY_CODE “!@streq RO”
</Locationmatch>

 

Assigning Fraud/Risk Scores

As Rsnake discussed, there are many different fraud detection resources that have assigned general risk scores to certain geographic regions.  For example, the top 12 High Risk Countries:

  • Ukraine
  • Indonesia
  • Yugoslavia
  • Lithuania
  • Egypt
  • China
  • Bulgaria
  • Turkey
  • Russia
  • Pakistan
  • Malaysia
  • Israel

Enjoy

Share.

About Author

Comments are closed.