To Block wp-login tries using fail2ban
- Create a file here
- vi /etc/fail2ban/filter.d/wordpress.conf
- paste this content
[Definition]Then create this file :-
failregex = ^<HOST> .* "POST .*wp-login.php
^<HOST> .* "POST .*xmlrpc.php
ignoreregex =
vi /etc/fail2ban/jail.conf
[wordpress]Or create this file too,
enabled = true
port = http,https
filter = wordpress
action = iptables-multiport[name=wordpress, port="http,https", protocol=tcp]
logpath = /var/log/httpd/access_log
/var/log/apache2/access*log
/var/log/virtualmin/*log
maxretry = 10
findtime = 600
vi /etc/fail2ban/jail.conf
[wordpress]after that restart the fail2ban service.
enabled = true
port = http,https
filter = wordpress
action = iptables-multiport[name=wordpress, port="http,https", protocol=tcp]
logpath = /var/log/httpd/domains/*.log
maxretry = 3
findtime = 10800; 3 hours
bantime = 86400 ; 1 day
TO check fail2ban created clients
# fail2ban-client status
you will see the result,
like this :-
Status
|- Number of jail: 4
`- Jail list: dovecot, postfix-sasl, pure-ftpd, sshd
Click to see, how unban / unblock ip in fail2ban
0 comments:
Post a Comment