#infosec #WordPress Syspeace WordPress Reporter – Brute force protection detector for WordPress #owasp #security

Syspeace WordPress Reporter – Brute force protection detector for WordPress by Syspeace

What is the Syspeace WordPress Reporter?

Syspeace WordPress Reporter is used to collect relevant login data from your WordPress pages
login functionality. The collected data is sent to the Syspeace Web Detector which provides
Syspeace with login attempt information. This means that for the WordPress Reporter to work you
must have the Web Detector installed in Syspeace.

To prevent other websites running on the same server from sending login reports a Reporting Token is used in the Web Detector Reporter. A reporting token is a password-like feature that is set in Syspeace settings and that value needs to correspond with the reporting token sent by the Web Detector Reporter. Unless they match, the login report is ignored in Syspeace.

How to install the Syspeace Web Detector PHP Reporter

Download the SyspeaceDetectorSDK-v1 and unzip. The Detectors and addons are free and there are also other detectors provided for you to use in conjunction with web application logins for instance.

How to install:

1. Install the plugin like this:
Put the SyspeaceWordpressReporter.php file in wp-content/plugins/
The file is located in SyspeaceDetectorSDK-v1Web Detector ReportersPHP
2. Activate the plugin by going to the plugin tab of the WordPress admin panel, selecting the
Syspeace WordPress Reporter plugin and clicking Activate.
3. Go to the Syspeace Reporter Settings tab that has been added to your admin panel.
4. Set Reporting Token to the Reporting Token set in Syspeace’s settings
5. Set Website to the name of the website
6. Click Update

How to use the Syspeace WordPress Reporter

To use the WordPress Reporter, simply go to Syspeace Reporter Settings and set Reporter Token to
the Reporting Token set in Syspeaces settings and set Website to the site name you want in the log

Once you have implemented the plugin on your website we suggest that you test i
t by making both failed and successful login attempts. You can then verify if the login attempts are recorded by checking the Syspeace Access Log under Settings Access Log in Syspeace.

What the Syspeace Web Detector PHP Reporter requires

The server running WordPress must have Syspeace installed so you would need to be running a selfhosted WordPress on a Windows Server

You will be required to install a Web Detector Provider in Syspeace as mentioned under
What is Syspeace WordPress Reporter

Additional free brute force plugins by Syspeace

In the .zip file there are also other plugins and documentation on how to write your own Syspeace Detectors and our goal is to release more detectors as they’re written by us or by our Syspeace users around the world.

By Juha Jurvanen @ JufCorp


Leave a Reply

Your email address will not be published.