Difference between revisions of "Log failed passwords to a file in Wordpress"
From ETCwiki
Jump to navigationJump to search (Created page with "One of my Wordpress sites was getting hacked and I was wondering what passwords the hackers were attempting to use so we could know how serious it was. I added this snippet of...") |
|||
Line 35: | Line 35: | ||
*[http://www.angelwatt.com/words/2012/04/03/wordpress-plugin-log-login-attempts/ Angel Watt - log login attempts] - this is more thorough, with CSV output, but seemed like overkill to me, and was more than a few years old | *[http://www.angelwatt.com/words/2012/04/03/wordpress-plugin-log-login-attempts/ Angel Watt - log login attempts] - this is more thorough, with CSV output, but seemed like overkill to me, and was more than a few years old | ||
*[https://stackoverflow.com/questions/33709837/how-to-log-login-attempts-directly-on-a-log-file Stack Overflow] - Just people searching for this same stuff, no solutions | *[https://stackoverflow.com/questions/33709837/how-to-log-login-attempts-directly-on-a-log-file Stack Overflow] - Just people searching for this same stuff, no solutions | ||
+ | |||
+ | [[Category:Wordpress]] |
Latest revision as of 16:02, 21 January 2018
One of my Wordpress sites was getting hacked and I was wondering what passwords the hackers were attempting to use so we could know how serious it was. I added this snippet of code to the end of my functions.php file in Wordpress. This code hooks into wp_login_failed, so it will only record failed passwords to the file. You have to modify one line to link to your website's root directory.
Yeah I know this code could be done in fewer lines and with better output logging. Oh well, it works.
Wordpress 4.9.2 -- Written 1/21/2018
Dangers
- If you mistype your password by 1 letter it will be logged!
- Writing to a hidden file like .htfailures will make it more secure, do not write to a CSV or something that ends up public!
//RECORD FAILED PASSWORDS TO A FILE goes in functions.php add_action('wp_login_failed', 'login_failed_func'); function login_failed_func($args) { //Start output buffering to avoid echoing ob_start(); $data = var_dump($args); $out = ob_get_clean(); $failed = $_POST['pwd']; $date = date('m/d/Y h:i:s a'); //REPLACE THIS FILE WITH YOUR FILE $my_file = '/var/www/mysite/public_html/.htfailures'; $handle = fopen($my_file, 'a') or die('Cannot open file: '.$my_file); $newline = "\n"; fwrite($handle, $date); fwrite($handle, $out); fwrite($handle, $failed); fwrite($handle, $newline); fwrite($handle, $newline); fclose($handle); }
External Links
- StackOverflow - Is there a way to get the password on a failed wordpress login?
- Angel Watt - log login attempts - this is more thorough, with CSV output, but seemed like overkill to me, and was more than a few years old
- Stack Overflow - Just people searching for this same stuff, no solutions