CSF wp-login attempts block

By | 21 November 2018

In order to block IP’s that flood wp-login.php attempts by using CSF regex.custom.pm
if (($globlogs{CUSTOM2_LOG}{$lgfile}) and ($line =~ /(\S+).*] "\w*(?:GET) \/wp-login\.php.*" /)) {
return ("Failed WordPress GET",$1,"WPLOGINGET","3","80,443,21,25,22,23","1");
}
if (($globlogs{CUSTOM2_LOG}{$lgfile}) and ($line =~ /(\S+).*] "\w*(?:POST) \/wp-login\.php.*" /)) {
return ("Failed WordPress POST",$1,"WPLOGINPOST","3","80,443,21,25,22,23","1");
}