Bruteforce Wordpress

@c0r3dump3d wrote:

Hi, I’m trying to implement a Wordpress bruteforce protection at haproxy level, version 1.5.18 in CentOS 7. I’m folowing the manual https://www.haproxy.com/blog/wordpress-cms-brute-force-protection-with-haproxy/ but I’m not able to make it work.
In the frontend section I have:

    tcp-request inspect-delay 10s
    tcp-request content accept if HTTP

    acl wp_login path_beg -i /wp-login.php
    acl flagged_as_abuser        sc1_get_gpc0 gt 0
    stick-table type binary len 20 size 500 store gpc0
    tcp-request content track-sc1  base32+src if METH_POST wp_login
    http-request deny  if flagged_as_abuser

In the backend section I have:

    tcp-request inspect-delay 10s
    tcp-request content accept if HTTP
    acl wp_login path_beg -i /wp-login.php
    stick-table type binary len 20 size 500 store gpc0,http_req_rate(5s)
    tcp-request content track-sc2  base32+src if METH_POST wp_login
    stick store-request base32+src            if METH_POST wp_login
    acl bruteforce_detection  sc2_http_req_rate gt 5
    acl flag_bruteforce       sc1_inc_gpc0      gt 0
    http-request deny if bruteforce_detection flag_bruteforce

Whe I show the table in the backend I see that the http_req_rate always has zero value:

   # table: webphp56_servers, type: binary, size:500, used:6
   0x5578f86675e4: key=3AAE35AFC1C9E0C1000000000000000000000000 use=0 exp=0 server_id=10    gpc0=0 http_req_rate(5000)=0
   0x5578f8907874: key=4C6CF94FBB10374B000000000000000000000000 use=0 exp=0 server_id=10 gpc0=0 http_req_rate(5000)=0
  0x5578f8a994f4: key=CE6B86EB8ACC472F000000000000000000000000 use=0 exp=0 server_id=7 gpc0=0 http_req_rate(5000)=0

What am I doing wrong?

Thank you in advance.

Posts: 1

Participants: 1

Read full topic