Store brute-force IP addresses

How can I store IP addresses which try to brute-force the login section or to login too frequent too fast?

I need to store all IPs, then use them in another application, sort of like a learning routine.

UPDATE #1:

Here's a scenario (pseudo-code):

function my_wp_login_failed($username) {
    store($username);
    store($ipAddress);
}
add_action('wp_login_failed', 'my_wp_login_failed');

How can I do this for all attack vectors?

UPDATE #2:

I need IP addresses trying to access the site more than X times get blocked for at least Y time. The initial phase will simply store these IP addresses.

UPDATE #3:

I have found this plugin - https://plugins.trac.wordpress.org/browser/wp-fail2ban/trunk/wp-fail2ban.php - which might do the job. I will need to rewrite it in order to pass the IP information to a database or a flat file.

Topic ip security login Wordpress

Category Web

1
answered at

You can use wp_login_failed action for that purpose... It's called at the end of wp_authenticate, if user credentials were incorrect.

function my_log_brute_force( $username ) {
    $ip_address = $_SERVER['REMOTE_ADDR'];
    // store that info somewhere
    file_put_contents( 'bf-log.txt', date('c') . "\t{$ip_address}\t{$username}\n", FILE_APPEND );
}
add_action( 'wp_login_failed', 'my_log_brute_force' );

Also this article may be helpful: Getting real IP address in PHP

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.