Here’s mine, but I may not have caught all the creativity of some script kiddies.
```
failregex = ^<HOST> .* "GET .*/\?up_auto_log=
            ^<HOST> .* "PROPFIND .*
            ^<HOST> .* "(GET|HEAD) .*/db
            ^<HOST> .* "(GET|HEAD) .*/pma
            ^<HOST> .* "(GET|HEAD) .*/info\.php
            ^<HOST> .* "(GET|HEAD) .*/phpinfo\.php
            ^<HOST> .* "(GET|HEAD) .*/backend
            ^<HOST> .* "(GET|HEAD) .*/login
            ^<HOST> .* "(GET|HEAD) .*/webdav
            ^<HOST> .* "(GET|HEAD) .*/cgi
            ^<HOST> .* "(GET|HEAD) .*/tools
            ^<HOST> .* "(GET|HEAD) .*/admin
            ^<HOST> .* "(GET|HEAD) .*/dbadmin
            ^<HOST> .* "(GET|HEAD) .*/myadmin
            ^<HOST> .* "(GET|HEAD) .*/phpmyadmin
            ^<HOST> .* "(GET|HEAD) .*/mysql
            ^<HOST> .* "GET .*/*-old
            ^<HOST> .* "GET .*/-/-/-/-/-/
            ^<HOST> .* "POST .*/db\.init\.php
            ^<HOST> .* "POST .*/db_session\.init\.php
            ^<HOST> .* "POST .*/db__\.init\.php
```
I also see some recommend blocking wp-login and xmlrpc, but am not sure what annoyances that may bring. Notably the wp-login on a Woo, wouldn’t that block client accounts?
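An added example, not part of the original post: a small Python harness that runs a few of the patterns above over access-log lines to see which client addresses a filter like this would count as failures, including ordinary WordPress/WooCommerce traffic. The `HOST` expression is a simplified stand-in for fail2ban's `<HOST>` tag, the log lines are constructed, and unlike fail2ban the harness does not strip the timestamp before matching.

```python
import re

# Simplified stand-in for fail2ban's <HOST> tag (assumption: IPv4 only).
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

# A subset of the failregex lines from the post, with straight quotes.
FAILREGEX = [
    r'^<HOST> .* "PROPFIND .*',
    r'^<HOST> .* "(GET|HEAD) .*/admin',
    r'^<HOST> .* "(GET|HEAD) .*/login',
    r'^<HOST> .* "(GET|HEAD) .*/phpmyadmin',
]
COMPILED = [re.compile(p.replace("<HOST>", HOST)) for p in FAILREGEX]

# Constructed access-log lines (combined format, documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /phpmyadmin/index.php HTTP/1.1" 404 196 "-" "curl/8.0"',
    '203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "PROPFIND / HTTP/1.1" 405 0 "-" "-"',
    '198.51.100.20 - - [10/Oct/2023:14:01:02 +0000] "GET /my-account/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.21 - - [10/Oct/2023:14:01:05 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 58 "-" "Mozilla/5.0"',
    '198.51.100.22 - - [10/Oct/2023:14:02:11 +0000] "GET /shop/ HTTP/1.1" 200 9001 "https://example.com/login" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Oct/2023:14:03:00 +0000] "GET /wp-login.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

def matched_hosts(lines, patterns=COMPILED):
    """Return {host: [request strings that would count as failures]}."""
    hits = {}
    for line in lines:
        for rx in patterns:
            m = rx.search(line)
            if m:
                request = line.split('"')[1]  # first quoted field is the request
                hits.setdefault(m.group("host"), []).append(request)
                break  # count each log line at most once
    return hits

if __name__ == "__main__":
    for host, requests in matched_hosts(SAMPLE_LOG).items():
        print(host, requests)
```

On this sample the scanner address is matched twice, but so are the `admin-ajax.php` request (its path contains `/admin`) and the `/shop/` request whose referer contains `/login`, because `.*` runs to the end of the line; `/wp-login.php` and `/my-account/` are not matched.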