{"id":1113,"date":"2022-09-15T07:28:37","date_gmt":"2022-09-15T07:28:37","guid":{"rendered":"https:\/\/sunucucozumleri.com\/?p=1113"},"modified":"2024-02-08T02:40:32","modified_gmt":"2024-02-07T23:40:32","slug":"plesk-panel-kullanicilari-icin-wordpress-brute-force-ataklarindan-korunmak","status":"publish","type":"post","link":"https:\/\/sunucucozumleri.com\/blog\/plesk-panel-kullanicilari-icin-wordpress-brute-force-ataklarindan-korunmak\/","title":{"rendered":"Plesk Panel Kullan\u0131c\u0131lar\u0131 \u0130\u00e7in WordPress Brute Force Ataklar\u0131ndan Korunmak"},"content":{"rendered":"<p>Merhabalar,<br \/>\nBug\u00fcn bilgi bankam\u0131za ekleyece\u011fimiz makalemizde,\u00a0<strong>WordPress <a href=\"https:\/\/sunucucozumleri.com\/blog\/brute-force-nedir-brute-forcedan-korunma-yontemleri\/\">Brute Force<\/a> Ataklar\u0131<\/strong>ndan korunma konusunu en basit haline de\u011finece\u011fiz.<\/p>\n<p>Hepimizin bildi\u011fi gibi, WordPress sitelerde\u00a0<strong>wp-login.php<\/strong>\u00a0dosyas\u0131na \u00e7ok fazla istek gelmektedir. Gelen istekler <a href=\"https:\/\/sunucucozumleri.com\/blog\/frontpage\/\">sunucu<\/a> kaynaklar\u0131n\u0131z\u0131 zaman zaman t\u00fcketecek boyuta gelerek, web sitenize eri\u015fimlerde yava\u015fl\u0131k yada farkl\u0131 problemler ya\u015fayabiliyorsunuz.<\/p>\n<p>Plesk panel kullan\u0131c\u0131lar\u0131, Apache ve <a href=\"https:\/\/sunucucozumleri.com\/blog\/080-nginx-reverse-proxy-nasil-kurulur\/\">Nginx<\/a> server tipine g\u00f6re a\u015fa\u011f\u0131daki i\u015flemleri uygulayabilirler.<\/p>\n<p>1- \u00d6ncelikle FTP alan\u0131n\u0131zda, .htpasswd dosyas\u0131 olu\u015fturarak i\u00e7erisine\u00a0<a href=\"https:\/\/www.htaccesstools.com\/htpasswd-generator\/\" rel=\"nofollow noopener\" target=\"_blank\">http:\/\/www.htaccesstools.com\/htpasswd-generator\/<\/a>\u00a0adresinden belirleyece\u011fimiz kullan\u0131c\u0131 ad\u0131 ve \u015fifreden sonra kar\u015f\u0131m\u0131za \u00e7\u0131kan de\u011feri girelim.<\/p>\n<p>Apache Kullan\u0131c\u0131lar\u0131 i\u00e7in htaccess dosyas\u0131na a\u015fa\u011f\u0131daki komut girilebilir.<\/p>\n<pre class=\"language-markup\"><code># Disallow access to important files for apache &gt;= 2.4\r\n    &lt;FilesMatch \"(^\\.|wp-config\\.php|(?&lt;!robots)\\.txt|(liesmich|readme)\\.*)\"&gt;\r\n      Require all denied\r\n    &lt;\/FilesMatch&gt;\r\n\r\n# Auth protection to wp-login.php for apache &gt;=2.4\r\n    &lt;Files wp-login.php&gt;\r\n      AuthType Basic\r\n      AuthName \"Restricted Password Protection\"\r\n      AuthUserFile \/var\/www\/vhosts\/siteadi.com\/httpdocs\/.htpasswd\r\n      Require valid-user\r\n    &lt;\/Files&gt;<\/code><\/pre>\n<p>Nginx Kullan\u0131c\u0131lar\u0131 ise, Apache ve Nginx Setting b\u00f6l\u00fcm\u00fcnde yer alan nginx direktifi alan\u0131na a\u015fa\u011f\u0131daki komutu girebilirler.<\/p>\n<pre class=\"language-markup\"><code>if (!-e $request_filename) {\r\n\trewrite ^.*$ \/index.php last;\r\n}\r\n\r\n# Disallow access to important files for ngninx\r\nlocation ~* (\/\\.|wp-config\\.php|(?&lt;!robots)\\.txt|(liesmich|readme).*) {\r\n\treturn 444;\r\n}\r\n\r\n# Auth protection to wp-login.php for nginx\r\nlocation = \/wp-login.php {\r\n\tauth_basic \"Restricted Admin-Area\";\r\n\tauth_basic_user_file \/var\/www\/vhosts\/siteadi.com\/httpdocs\/.htpasswd;\r\n\tfastcgi_split_path_info ^((?U).+\\.php)(\/?.+)$;\r\n\tfastcgi_param PATH_INFO $fastcgi_path_info;\r\n\tfastcgi_pass \"unix:\/\/\/var\/www\/vhosts\/system\/siteadi.com\/php-fpm.sock\";\r\n\tinclude \/etc\/nginx\/fastcgi.conf;\r\n}<\/code><\/pre>\n<p>Not : siteadi.com yazan yere sitenizin adresini yazmay\u0131 unutmay\u0131n\u0131z.<\/p>\n<p>Bol trafikler<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Merhabalar, Bug\u00fcn bilgi bankam\u0131za ekleyece\u011fimiz makalemizde,\u00a0WordPress Brute Force Ataklar\u0131ndan korunma konusunu en basit haline de\u011finece\u011fiz. Hepimizin bildi\u011fi gibi, WordPress sitelerde\u00a0wp-login.php\u00a0dosyas\u0131na \u00e7ok fazla istek gelmektedir. Gelen istekler sunucu kaynaklar\u0131n\u0131z\u0131 zaman zaman t\u00fcketecek boyuta gelerek, web sitenize eri\u015fimlerde yava\u015fl\u0131k yada farkl\u0131 problemler ya\u015fayabiliyorsunuz. Plesk panel kullan\u0131c\u0131lar\u0131, Apache ve Nginx server tipine g\u00f6re a\u015fa\u011f\u0131daki i\u015flemleri uygulayabilirler. 1- \u00d6ncelikle &hellip;<\/p>\n","protected":false},"author":1,"featured_media":1456,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[11,10],"tags":[],"class_list":["post-1113","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-wordpress","category-plesk"],"acf":[],"_links":{"self":[{"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/posts\/1113","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/comments?post=1113"}],"version-history":[{"count":0,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/posts\/1113\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/media\/1456"}],"wp:attachment":[{"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/media?parent=1113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/categories?post=1113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/tags?post=1113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}