Is 6G Firewall appropriate for thirtybees

[cprats]

I was wondering if 6G Fireewall .htaccess code could be useful (or compatible) with thirtybees:

https://perishablepress.com/6g/

Does anyone use this code?

[wakabayashi]

I dont use it. I use cloudflare for this.

[Rhapsody]

A follow up on this original post.  My WordPress multisite installations were performing really slow at times.  I logged in to cPanel and saw CPU usage hovering at 99%.  It turns out there were targeted login attempts at the WordPress login wp-login.php with random user names and passwords.  Banning an IP worked for a little while, then the attacks started again from a different IP.  I ended up installing the All in One WP Security & Firewall plugin. This plugin provides various options to customize the .htaccess file, including the 6G firewall rules mentioned in the original post. Since it was installed, all has worked fine and I can see in logs where the plugin shut down the persistent login attempts.  It is setup so that after a set number of failed attempts, the request is redirected to 127.0.0.1 to take the load off the site.

This got me wondering - Is there are similar set of rules that might be applied to the Thirty Bees shop login?  I don't know if the shop install I have running on the same domain as the WordPress multisite install has been subject to the same type of attacks, but would feel better if I knew this protection existed.

[Petter]

Fail2ban will solve this problem. Also, not using Fail2ban to protect again brute force login attacks, your site will be hacked - sooner than later.

https://www.fail2ban.org/wiki/index.php/Main_Page

Edited January 17, 2021 by Petter
Typo