Find domains targeted for wordpress brute-force attack in Plesk

The following script will give an overview of all the domains and the corresponding hits to wordpress login page. By analyzing the result, you will be be able to find which all domains are facing brute-force attack.

for dom in `ls -l /var/www/vhosts/ | awk -F” ” {‘print $9’}`; do if [ -f /var/www/vhosts/$dom/statistics/logs/access_log ]; then COUNT=`grep wp-login.php /var/www/vhosts/$dom/statistics/logs/access_log |wc -l`; echo “$dom:$COUNT”;fi; done | sort -n -t “:” -k 2 -r

Facebook Comments