Skip to content

erick t. hitter

web tinkerer

  • Home
    • Adventures with VPS
      • Backups
      • mailserver
      • nginx
      • SSL
    • Tech & Tools
    • WordPress
  • Photos
  • Musings, ramblings, etc.
  • Code
    • GitHub
    • Automating plugin releases to WordPress.org using GitLab CI
    • Generating a CSR with SAN at the command line
    • Monitoring and culling stale GitLab Runner instances
  • Presentations
    • Presentations @ Slideshare
  • Plugins
    • Automating releases using GitLab CI
    • Redis User Session Storage
  • About
    • Public Keys
      SSH, PGP, etc
    • apt repos
    • Timeline
      Where I’ve been and when
    • Contact
    • License
    • Donate
    • Privacy Policy
  • Twitter
  • GitLab
  • GitHub
  • WordPress.org

Latest Posts

  • Plugin updates and translation lessons
  • Connecting an iHome SmartPlug to Home Assistant
  • Compiling nginx with GitLab CI

Categories

Tag: wp-login.php

Rate limiting: another way I guard against brute-force logins

Rate limiting: another way I guard against brute-force logins

For the last few weeks, the VPS powering this site received an increase in nefarious traffic arriving via IPv6. Perhaps unsurprisingly, much of this traffic came as brute-force login attempts against my WordPress site, and its arrival over IPv6 was key.

As I noted in my post on login monitoring, I already employ fail2ban, in conjunction with Konstantin Kovshenin’s technique for blocking failed WP logins. Unfortunately, fail2ban only supports IPv4, which is the only reason I even noticed this uptick in login attempts or needed to address it.

Continue reading Rate limiting: another way I guard against brute-force logins

Posted on May 16, 2016March 15, 2017Categories Adventures with VPS, Tech & Tools, TutorialsTags logwatch, nginx, swatch, swatchdog, WordPress, wp-login, wp-login.php1 Comment on Rate limiting: another way I guard against brute-force logins

Replacing WordPress Logo on wp-login.php

There are many times when, as much as I’d love to publicize that a site is built on WordPress, the logo just isn’t appropriate on the login screen (wp-login.php). Thankfully, it’s quite easy to replace the logo using a bit of CSS. Simply paste the following snippet of code into your theme’s functions.php file and adjust the CSS on line 4 as needed.

//Theme login screen
function replace_login_logo() {
 $style = '<style type="text/css">';
 $style .= '#login h1 { background: url( ' .  get_stylesheet_directory_uri() . '/images/logo.gif ) no-repeat scroll center top transparent; display: block; height: 118px; overflow: hidden; padding-bottom: 15px; text-indent: -9999px; width: 369px; margin-left: -25px; }';
 $style .= '#login h1 a { display: none; }';
 $style .= '</style>';
 echo $style;
}
add_action( 'login_head', 'replace_login_logo' );
Posted on November 6, 2010March 15, 2017Categories Code, Tech & Tools, WordPressTags Logo, WordPress, wp-login, wp-login.php
Privacy Policy Proudly powered by WordPress