Hi, is it possible to throttle (per client) requests for certain files or locations (for example wp-longin.php or xmlrpc.php) as a simple means to block basic brute force attacks?
I only found documentation on general throttling against ddos but not anything more specific. Thanks for any info
Maybe something like fail2ban and CrawdSec may help.
We added fail2ban to the ols1clk script a few days ago, and it's mainly to protect wp-login.php and xmlrpc.php from multiple POST requests. Feel free to adjust the fail2ban config to match your goal.