So we had a little case of someone (or some bot) really hammering us trying to get into some of our wordpress powered sites. This is a handy trick to allow you to limit logins to wp-login on an entire server by IP address. You can also achieve this same thing through .htaccess, but this global version is just way easier/quicker to update and manage. Here is how to do it:
Login to cpanel and navigate to:
WHM -> Service Configuration -> Apache Configuration -> Include Editor -> Post Virtual Host Include -> All Versions
Then add the IPs in with “Allow from” at the end AT the end of the file (but before </Files>) Should look like:
# Restrict wp-login
<Files wp-login.php>
Order deny,allow
Deny from all
Allow from IPAddress
Allow from IP Address
ErrorDocument 403 “Not allowed from your IP.”
</Files>
The benefits of this are:
1.) Your WP site is a lot more secure from brute force/script attacks
2.) You will actually notice a small (or in some cases dramatic) decrease on your server load. When we implemented this change on our server that was effected by these attacks we saw our server load in WHM decrease to less than 1 and stay there.