Last active
December 17, 2015 15:59
-
-
Save Coopeh/5635874 to your computer and use it in GitHub Desktop.
Fail2Ban filter for blocking administrator, adminadmin and admin usernames on authentication failure
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fail2Ban configuration file | |
| # | |
| # Author: Charles Lecklider | |
| # | |
| [INCLUDES] | |
| # Read common prefixes. If any customizations available -- read them from | |
| # common.local | |
| before = common.conf | |
| [Definition] | |
| _daemon = wordpress | |
| # Option: failregex | |
| # Notes.: regex to match the password failures messages in the logfile. The | |
| # host must be matched by a group named "host". The tag "<HOST>" can | |
| # be used for standard IP/hostname matching and is only an alias for | |
| # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) | |
| # Values: TEXT | |
| # | |
| failregex = Authentication failure for administrator from <HOST>$ | |
| Authentication failure for adminadmin from <HOST>$ | |
| Authentication failure for admin from <HOST>$ | |
| # Option: ignoreregex | |
| # Notes.: regex to ignore. If this regex matches, the line is ignored. | |
| # Values: TEXT | |
| # | |
| ignoreregex = |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment