Skip to content

Instantly share code, notes, and snippets.

@hannesbe
Last active January 12, 2016 14:23
Show Gist options
  • Save hannesbe/967bfe743aa777fec88b to your computer and use it in GitHub Desktop.
Save hannesbe/967bfe743aa777fec88b to your computer and use it in GitHub Desktop.
Install script for a fail2ban configuration to ban brute force attacks on all Wordpress sites on Apache (Plesk supported) server-wide
#!/bin/sh
#
# Shell script to configure fail2ban to ban
# brute force attacks on all Wordpress sites server-wide
# If fail2ban is not yet installed, it will be installed and configured first.
# Apache logfiles are monitored for attacks. If you're on Plesk all vhosts' logs
# are monitored as well. Plesk's integration with fail2ban is only available on Plesk 12+.
# This configuration should work for any Apache or Plesk setup, as long as access logs are available.
# CentOS/EL7+ required.
#
# Run this command to execute the script in one go
# curl -sSL https://gist.github.com/hannesbe/967bfe743aa777fec88b/raw/fail2ban-apache-wp-jail-install.sh | bash -s
#
set -e
N=$(tput sgr0) ; BD=$(tput bold) ; GR=$(tput setaf 2; tput bold) ; YE=$(tput setaf 3) ; R=$(tput setaf 1)
OK="[$GR OK $N]\n" ; FL="[$R FAILED $N]\n" ; IN="[$YE NO SO INSTALLING FIRST $N]\n"
[[ $EUID -eq 0 ]] ||
( printf "You must be a root user $FL\n" 2>&1 ; exit 1 )
printf ""$BD"\nConfiguring "$YE"fail2ban to ban brute force attacks against Wordpress server-wide$N\n"
printf ""$BD"\nChecking if fail2ban is installed & running$N\n" &&
yum list installed fail2ban fail2ban-systemd fail2ban-firewalld >/dev/null 2>&1 &&
printf " $OK" || ( printf " $IN" && curl -sSL https://gist.github.com/hannesbe/719c03d85134f8e9df5c/raw/fail2ban-firewalld-install.sh | bash -s )
printf ""$BD"\nDownloading WP filter config$N\n" &&
CONFIG1=/etc/fail2ban/filter.d/apache-wp-login.conf &&
curl -fsSL https://gist.github.com/hannesbe/41b4a4ee35dbe2fe7ada/raw/apache-wp-login.conf -o $CONFIG1 &&
printf "Saved config to $YE$CONFIG1$N $OK" || ( printf " $FL" ; exit 3 )
CONFIG2=/etc/fail2ban/filter.d/apache-wp-xmlrpc.conf &&
curl -fsSL https://gist.github.com/hannesbe/41b4a4ee35dbe2fe7ada/raw/apache-wp-xmlrpc.conf -o $CONFIG2 &&
printf "Saved config to $YE$CONFIG2$N $OK" || ( printf " $FL" ; exit 3 )
printf ""$BD"\nDownloading WP jail config$N\n" &&
CONFIG3=/etc/fail2ban/jail.d/apache-wp.conf &&
curl -fsSL https://gist.github.com/hannesbe/d988e8cd8b47fb1cc7f4/raw/apache-wp.conf -o $CONFIG3 &&
printf "Saved config to $YE$CONFIG3$N $OK" || ( printf " $FL" ; exit 3 )
printf ""$BD"\nRestarting fail2ban daemon$N\n" &&
systemctl restart fail2ban &&
printf " $OK" || ( printf " $FL" ; exit 4 )
@hannesbe
Copy link
Author

Run this command to execute the script in one go
curl -sSL https://gist.github.com/hannesbe/967bfe743aa777fec88b/raw/fail2ban-apache-wp-jail-install.sh | bash -s

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment