Facebook
Twitter- Server operating system version
- Almalinux 9
- Plesk version and microupdate number
- Plesk Obsidian 18.0.72 Update #3
Hi everyone,
I'm managing around 40 Plesk servers with multiple domains per server belonging to different customers and developers. I'm struggling to keep up with bots and brute-force attempts constantly hammering wp-login.php, xmlrpc.php, and similar endpoints.
Current Setup:
How are you handling this at scale? Specifically interested in:
What's working for you?
I'm managing around 40 Plesk servers with multiple domains per server belonging to different customers and developers. I'm struggling to keep up with bots and brute-force attempts constantly hammering wp-login.php, xmlrpc.php, and similar endpoints.
Current Setup:
- Fail2ban with custom rules for bad bots and WordPress attacks
- Encouraging WP Toolkit security features (xmlrpc blocking, etc.)
- Pushing Cloudflare with Bot Fight Mode when possible (though not all customers use it)
- Tried BitNinja in the past, but false positives created a nightmare for our helpdesk team
- Despite all this, it's constant whack-a-mole - new crawlers, different servers, rotating IPs
How are you handling this at scale? Specifically interested in:
- Crowdsourced solutions - CrowdSec or alternatives with better false-positive management than BitNinja?
- Proactive blocking - Strategies that catch threats before they impact resources?
- Customer compliance - Enforcing security practices across diverse customer bases?
- Plesk-specific tools - Extensions or configs that actually make a difference?
What's working for you?
I have a lot of this problems, too.
