Ddxfish at 16:02, 21 January 2018

2018-01-21T16:02:25Z

← Older revision		Revision as of 16:02, 21 January 2018
Line 35:		Line 35:
	*[http://www.angelwatt.com/words/2012/04/03/wordpress-plugin-log-login-attempts/ Angel Watt - log login attempts] - this is more thorough, with CSV output, but seemed like overkill to me, and was more than a few years old		*[http://www.angelwatt.com/words/2012/04/03/wordpress-plugin-log-login-attempts/ Angel Watt - log login attempts] - this is more thorough, with CSV output, but seemed like overkill to me, and was more than a few years old
	*[https://stackoverflow.com/questions/33709837/how-to-log-login-attempts-directly-on-a-log-file Stack Overflow] - Just people searching for this same stuff, no solutions		*[https://stackoverflow.com/questions/33709837/how-to-log-login-attempts-directly-on-a-log-file Stack Overflow] - Just people searching for this same stuff, no solutions

			[[Category:Wordpress]]

Ddxfish: Created page with "One of my Wordpress sites was getting hacked and I was wondering what passwords the hackers were attempting to use so we could know how serious it was. I added this snippet of..."

2018-01-21T16:01:53Z

Created page with "One of my Wordpress sites was getting hacked and I was wondering what passwords the hackers were attempting to use so we could know how serious it was. I added this snippet of..."

New page

One of my Wordpress sites was getting hacked and I was wondering what passwords the hackers were attempting to use so we could know how serious it was. I added this snippet of code to the end of my '''functions.php''' file in Wordpress. This code hooks into wp_login_failed, so it will only record failed passwords to the file. You have to modify one line to link to your website's root directory.

'''Yeah I know this code could be done in fewer lines and with better output logging. Oh well, it works.'''

'''Wordpress 4.9.2 -- Written 1/21/2018'''

==Dangers==
*If you mistype your password by 1 letter it will be logged!
*Writing to a hidden file like .htfailures will make it more secure, do not write to a CSV or something that ends up public!

//RECORD FAILED PASSWORDS TO A FILE goes in functions.php
add_action('wp_login_failed', 'login_failed_func');
function login_failed_func($args) {
//Start output buffering to avoid echoing
ob_start();
$data = var_dump($args);
$out = ob_get_clean();
$failed = $_POST['pwd'];
$date = date('m/d/Y h:i:s a');
//REPLACE THIS FILE WITH YOUR FILE
$my_file = '/var/www/mysite/public_html/.htfailures';
$handle = fopen($my_file, 'a') or die('Cannot open file: '.$my_file);
$newline = "\n";
fwrite($handle, $date);
fwrite($handle, $out);
fwrite($handle, $failed);
fwrite($handle, $newline);
fwrite($handle, $newline);
fclose($handle);
}

==External Links==
*[https://stackoverflow.com/questions/4376647/is-there-a-way-to-get-the-password-on-a-failed-wordpress-login StackOverflow - Is there a way to get the password on a failed wordpress login?]
*[http://www.angelwatt.com/words/2012/04/03/wordpress-plugin-log-login-attempts/ Angel Watt - log login attempts] - this is more thorough, with CSV output, but seemed like overkill to me, and was more than a few years old
*[https://stackoverflow.com/questions/33709837/how-to-log-login-attempts-directly-on-a-log-file Stack Overflow] - Just people searching for this same stuff, no solutions

Log failed passwords to a file in Wordpress - Revision history

Ddxfish at 16:02, 21 January 2018

Ddxfish: Created page with "One of my Wordpress sites was getting hacked and I was wondering what passwords the hackers were attempting to use so we could know how serious it was. I added this snippet of..."