1.1. fail2ban

1.1.1. Standard Filters

The filter files included should not be edited; there are no user-serviceable parts inside.

1.1.1.1. Typical Settings

If you are using the typical settings for WPf2b the Blocklist add-on will work without further configuration.

1.1.1.2. Creating a Custom Jail

  1. Copy wpf2b-blocklist-hard.conf to your fail2ban/filters.d directory

  2. Create a new file in fail2ban/jail.d called wpf2b-blocklist.conf

[wpf2b-blocklist-hard]
enabled = true
filter = wpf2b-blocklist-hard
logpath = /var/log/auth.log
maxretry = 1
port = http,https

Note

Make sure you change logpath to the correct log for your OS. If your OS uses systemd it may be simpler and/or easier to install a real syslog service first.

Tip

It is strongly recommended that you also use a different syslog facility with a custom jail.

See also

Using a local0..7 Facility

  1. Add the following to wp-config.php

define('WP_FAIL2BAN_ADDON_BLOCKLIST_CUSTOM_JAIL', true);

See also

WP_FAIL2BAN_ADDON_BLOCKLIST_CUSTOM_JAIL

  1. Reload or restart fail2ban