Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
litespeed_wiki:lslb:wordpress-protection [2017/12/21 21:45] Eric Leu [How Brute Force Protection Works] |
litespeed_wiki:lslb:wordpress-protection [2017/12/22 14:10] Lisa Clarke |
||
---|---|---|---|
Line 7: | Line 7: | ||
The newly introduced WordPress Protection directive is: ''[Throttle, Deny, Drop, Disable ]'' \\ | The newly introduced WordPress Protection directive is: ''[Throttle, Deny, Drop, Disable ]'' \\ | ||
- | The action is optional, and defaults to ''throttle''. The ''Allowed Login Attempts'' can be set as value of (0|1|5-1000) \\ | + | The action is optional, and defaults to ''Disable''. The ''Allowed Login Attempts'' can be set as value of (0|1|5-1000) \\ |
* ''0'' disables WordPress Protection. | * ''0'' disables WordPress Protection. | ||
* ''1'', when used by a virtual host, defers to the setting used by the server. | * ''1'', when used by a virtual host, defers to the setting used by the server. | ||
Line 27: | Line 27: | ||
* When there are more than 5 attempts within a short period of time, the IP will be throttled. | * When there are more than 5 attempts within a short period of time, the IP will be throttled. | ||
* Once the quota reaches 0, the desired action (drop, deny, or throttle) will be taken. | * Once the quota reaches 0, the desired action (drop, deny, or throttle) will be taken. | ||
- | * Every 30 seconds (5 minutes divided by the limit = 30 seconds), if there are no further POST attempts, the quota will increase by 1. | + | * Every 30 seconds (5 minutes divided by the value = 30 seconds), if there are no further POST attempts, the quota will increase by 1. |
- | * Assume the limit is set to ''300''. | + | * Assume the value is set to ''300''. |
* When there are more than 150 attempts within a short period of time, the IP will be throttled. | * When there are more than 150 attempts within a short period of time, the IP will be throttled. | ||
* Once the quota reaches 0, the desired action (drop, deny, or throttle) will be taken. | * Once the quota reaches 0, the desired action (drop, deny, or throttle) will be taken. | ||
- | * After 1 second (5 minutes divided by the limit = 1 second) without further POST attempts, the quota will increase by 1. | + | * After 1 second (5 minutes divided by the value = 1 second) without further POST attempts, the quota will increase by 1. |
- | ===== How to Enable LSWS WordPressProtect Feature from web console ===== | + | ===== How to Enable LSADC WordPressProtect Feature from Web Console ===== |
- | The LSWS WordPressProtect feature is Disabled by default. | + | The LSADC WordPressProtect feature is disabled by default. |
- | You may wish to override the default settings at the server level, virtual-host level. Before making any changes, it helps to understand the logic that drives WordPressProtect at the different levels. | + | You may wish to override the default settings at the server level, or virtual-host level. Before making any changes, it helps to understand the logic that drives WordPressProtect at the different levels. |
Changing the settings at the Virtual-Host level configuration will override the Server-Level configuration. | Changing the settings at the Virtual-Host level configuration will override the Server-Level configuration. | ||
- | + | * Server Level \\ {{:litespeed_wiki:lslb:adczconf-1.png?700|}} | |
- | {{:litespeed_wiki:lslb:adczconf-1.png?700|}} | + | * Virtual Host Level \\ {{:litespeed_wiki:lslb:adczconf-2.png?700|}} |