fail2ban

Securing wordpress with fail2ban

Using fail2ban to protect wordpress

I’ve been quite busy as late so haven’t really had much time for blogging but thats all going to change soon hopefully

Anyhow I thought I would share a little blog with you about fail2ban (http://www.fail2ban.org/wiki/index.php/Main_Page)  which is a great regex tool for securing your web server. I use this on linuxgalaxy.com and it blocks hundreds of SSH attacks for me every day. I would advise anyone with a webserver to install this amazing piece of software.

I came across a good blog once to use fail2ban to secure your wordpress by using fail2ban to look at login attempts to wp-login in the apache log then block as needed. I can’t remember where I saw this so here is the bones of what is needed.

For this you will need to make a new filter with the correct regex to look at failed attempts

sudo su

cd /etc/fail2ban/filter.d

/etc/fail2ban/filter.d# nano apache-wp-login.conf

Now copy the below into the new file

 

Now edit the jail file to add the options for path, retry’s, ports, etc

cd /etc/fail2ban

/etc/fail2ban# nano jail.conf

Restart the fail2ban service and now its securing wordpress for you :-)

/etc/init.d/fail2ban restart

Attempts at my server today shown below

/var/log/apache2:#nano access.log

 


Comments (1)

Leave a Comment

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>