Created
October 2, 2014 13:48
-
-
Save rutger1140/f7db76e3e0af8f07f681 to your computer and use it in GitHub Desktop.
Fail2Ban - block WordPress brute force hack attempts - Plesk 12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create a new jail via Plesk | |
| # generated in /etc/fail2ban/jail.local | |
| [wp-auth] | |
| enabled = true | |
| filter = wp-auth | |
| action = iptables-multiport[name=NoAuthFailures, port="http,https"] | |
| logpath = /var/www/vhosts/system/*/logs/*access*log | |
| /var/log/httpd/*access_log | |
| maxretry = 15 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create a filter via Plesk | |
| # or create your own as root: /etc/fail2ban/filter.d/wp-auth.conf | |
| [Definition] | |
| failregex = <HOST>.*] "POST /wp-login.php | |
| ignoreregex = |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is placed in Plesk -> Fail2Ban.
It will block an IP address with iptables in your firewall. Settings can be done in Plesk interface.
Mod2Security version:
https://gist.github.com/lekkerduidelijk/a47d2aacab6cb5de68de