Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
litespeed_wiki:config:wordpress-protection [2019/11/12 19:29] qtwrk |
litespeed_wiki:config:wordpress-protection [2019/11/29 21:03] George Wang [How Brute Force Protection Works] |
||
---|---|---|---|
Line 8: | Line 8: | ||
===== How Brute Force Protection Works ===== | ===== How Brute Force Protection Works ===== | ||
- | The newly introduced WordPress Protection directive is: ''WordPressProtect [off|on|drop|deny|throttle, ] <limit>'' \\ | + | The newly introduced WordPress Protection directive is: ''WordPressProtect [off|on|drop|deny|throttle|captcha, ] <limit>'' \\ |
- | The action is optional, and defaults to ''throttle''. The limit can be set together with the action, and has a value of (0|1|5-1000) \\ | + | The action is optional, and defaults to ''throttle''. The limit can be set together with the action, and has a value of (0|1|2-1000) \\ |
* ''0'' disables WordPress Protection. | * ''0'' disables WordPress Protection. | ||
* ''1'', when used by a virtual host, defers to the setting used by the server. | * ''1'', when used by a virtual host, defers to the setting used by the server. | ||
- | * ''5''-''1000'' enables WordPress protection and also specifies the login limit. (Values lower than ''5'' will be treated as ''5'', and values higher than ''1000'' will be treated as ''1000'') \\ | + | * ''2''-''1000'' enables WordPress protection and also specifies the login limit. (Values lower than ''2'' will be treated as ''2'', and values higher than ''1000'' will be treated as ''1000'') \\ |
**Example:** | **Example:** | ||
* ''WordPressProtect drop, 10'' | * ''WordPressProtect drop, 10'' | ||
Line 105: | Line 105: | ||
===== How to Enable LSWS WordPressProtect Feature on Plesk ===== | ===== How to Enable LSWS WordPressProtect Feature on Plesk ===== | ||
- | Everything should be same as cPanel , only some difference on where to place the directives: | + | Everything should be same as cPanel. The only difference is in where to place the directives. |
- | Server-Level configuration: | + | ==== Server-Level Configuration ==== |
- | edit file ''/usr/local/psa/admin/conf/templates/custom/domain/domainVirtualHost.php'' | + | Edit the file ''/usr/local/psa/admin/conf/templates/custom/domain/domainVirtualHost.php''. |
- | This file should be generated by ''bash <(curl http://www.litespeedtech.com/packages/lscache/set_cache_root_policy.sh)'' script when set up cache root , if you haven't run it yet, please run it to enable set up cache root. | + | This file should be generated by the ''bash <(curl http://www.litespeedtech.com/packages/lscache/set_cache_root_policy.sh)'' script when you set up the cache root. If you haven't run it yet, please do so to enable cache root setup. |
- | There are **two** block of following code: | + | There are **two** blocks of the following code: |
<code><IfModule Litespeed> | <code><IfModule Litespeed> | ||
Line 119: | Line 119: | ||
</IfModule></code> | </IfModule></code> | ||
- | We can insert the code here , make it like: | + | We can insert the WordPressProtect code here, like so: |
<code><IfModule Litespeed> | <code><IfModule Litespeed> | ||
Line 126: | Line 126: | ||
</IfModule></code> | </IfModule></code> | ||
- | This will override the default server-level setting from 10 to 5, then run ''/usr/local/psa/admin/sbin/httpdmng --reconfigure-all'' to regenerate the configuration file , then ''/usr/local/lsws/bin/lswsctrl restart'' to restart LSWS to take effect. | + | This will override the default server-level setting from ''10'' to ''5''. Be sure to run ''/usr/local/psa/admin/sbin/httpdmng --reconfigure-all'' to regenerate the configuration file, then ''/usr/local/lsws/bin/lswsctrl restart'' to restart LSWS so the new setting takes effect. |
- | Vhost-level setting: | + | ==== Vhost-Level Setting ==== |
- | In Plesk domain page , as screenshot , go to ''Apache & nginx Settings'' , add directive in ''Additional directives for HTTP'' and ''Additional directives for HTTPS'' then click on **OK** or **Apply** to save it. | + | {{ :litespeed_wiki:plesk:plesk-wp-protect.jpg |}} |
+ | |||
+ | In the Plesk domain page, as seen in the screenshot, navigate to **Apache & nginx Settings**, add the following directive in **Additional directives for HTTP** and **Additional directives for HTTPS**, then click **OK** or **Apply** to save it: | ||
<code><IfModule Litespeed> | <code><IfModule Litespeed> | ||
Line 136: | Line 138: | ||
</IfModule></code> | </IfModule></code> | ||
- | Plesk user can also use `.htaccess` to override the server-level setting as above example. | + | {{ :litespeed_wiki:plesk:plesk-wp-protect2.jpg |}} |
+ | |||
+ | Plesk users may also use `.htaccess` to override the server-level setting. | ||