3,233
edits
Changes
From SME Server
Jump to navigationJump to search→fail2ban
==== Fail2Ban ====
==== Fail2Ban ====
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. See [[Fail2ban]]. In order to make Fail2Ban work with WordPress, the user "holck" posted the following code in thread https://forums.contribs.org/index.php/topic,53711.msg279902.html in the SME 9 Contribs forum. Holck notes that the standard jail for WordPress appears to work, but does not block the offending IP addresses.
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. First you need to add the fail2ban plugin inside wordpress. Then see [[Fail2ban]] wiki page for initial setup of fail2ban. Then you simply need to enable the jail for wordpress by using the server-manager fail2ban page. Basically there will be 3 jails for wordpress, one soft (auth error) and one hard ( blocked user attempt to login) and one for xmlrpc attacks.
If you want more tweak you can change few options using command line. Note that by defualt they are not set in the db and will use fail2ban respective default value, which you could also set globally. Values presented are only for the purpose of example.
* db configuration setprop fail2ban WPHbantime 5000
* db configuration setprop fail2ban WPSbantime 1000
* db configuration setprop fail2ban WPXbantime 10000
* db configuration setprop fail2ban WPHfindtime 800
* db configuration setprop fail2ban WPSfindtime 800
* db configuration setprop fail2ban WPXfindtime 800
* db configuration setprop fail2ban WPHmaxretry 1
* db configuration setprop fail2ban WPSmaxretry 3
* db configuration setprop fail2ban WPXmaxretry 2
then you will need a signal-event fail2ban-update
===Backup of Wordpress===
===Backup of Wordpress===
