How to secure the WordPress login panel with fail2ban (and without plugins)

If you run your own server, a fail2ban jail is a cheap way to block brute-force attempts against your blog's login form (wp-login.php) and its XML-RPC endpoint (xmlrpc.php), which bots use for password guessing just as often.

(I assume you already have fail2ban installed)

Edit the local jails file:

sudo nano /etc/fail2ban/jail.local

Find the access log path for your web server (important: the jail only works if logpath points at the file that actually records these requests):

NGINX: /var/log/nginx/access.log

APACHE: /var/log/apache2/access.log on Debian/Ubuntu (or /var/log/httpd/access_log on RHEL/CentOS)


add the WordPress jail, using the log path you found above as logpath:

[wordpress-auths]
enabled = true
port = http,https
filter = wordpress-auth
logpath = /var/log/nginx/access.log
action = iptables-multiport[name=wordpress-auth, port="http,https", protocol=tcp]

Note that the filter matches every request to wp-login.php and xmlrpc.php, including successful logins and plain page loads of the login form, so the jail also counts your own logins. It inherits maxretry, findtime and bantime from the [DEFAULT] section of jail.local (fail2ban's own defaults are 5 hits within 10 minutes, banned for 10 minutes); if that is too aggressive for your editors, override those three settings inside this section.

Then create the filter:

sudo nano /etc/fail2ban/filter.d/wordpress-auth.conf

Put this in the new filter (the dots are escaped so they match a literal "."; an empty ignoreregex is the usual convention in fail2ban filters):

[Definition]
failregex = ^<HOST> .* "(GET|POST) /wp-login\.php
            ^<HOST> .* "(GET|POST) /xmlrpc\.php
ignoreregex =

Test the new filter against the same log the jail reads (the log is usually root-readable only, hence sudo); the summary at the end reports how many lines matched and which IPs they came from:

sudo fail2ban-regex /var/log/nginx/access.log /etc/fail2ban/filter.d/wordpress-auth.conf

Reload fail2ban so the new jail starts (sudo fail2ban-client reload). To unban an IP, for example your own after a false positive:

sudo fail2ban-client set wordpress-auths unbanip 192.168.1.100

To check the jail's status, including the currently banned IPs (the jail name must match the section name in jail.local):

sudo fail2ban-client status wordpress-auths
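The filter above can be sanity-checked offline before you touch a production server. The shell script below is an added example, not part of the original post and not fail2ban's own code: it replays the two failregex lines (combined into one grep pattern, with <HOST> expanded to a dotted-quad the way fail2ban does internally; fail2ban's real <HOST> also matches IPv6) over a constructed sample of nginx combined-format log lines, counts hits per address and lists the addresses that would reach a given maxretry. The addresses, timestamps and the hits_per_ip / ban_candidates function names are invented for the example, and real fail2ban additionally applies findtime, which this script ignores.

```shell
#!/bin/sh
# Added example (not from the original post): replay the wordpress-auth
# filter over a constructed access-log sample, the way fail2ban-regex would,
# and list the addresses that reach a maxretry threshold.

# Constructed sample of nginx combined-format log lines (RFC 5737 test
# addresses; made up for this example). Lines 1, 2, 4 and 7 are login /
# XML-RPC requests from one address, line 3 is a static file, lines 5 and 6
# are one form load and one POST from a second address.
SAMPLE_LOG='203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "POST /wp-login.php HTTP/1.1" 200 2341 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "POST /wp-login.php HTTP/1.1" 200 2341 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2023:13:55:40 +0000] "GET /wp-content/uploads/logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:41 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "python-requests/2.31"
198.51.100.9 - - [10/Oct/2023:13:56:02 +0000] "GET /wp-login.php HTTP/1.1" 200 2341 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2023:13:56:10 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:56:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2341 "-" "Mozilla/5.0"'

# The filter's failregex with <HOST> expanded to an IPv4 dotted-quad and the
# two alternatives (wp-login.php, xmlrpc.php) folded into one ERE for grep.
HOST_RE='[0-9]{1,3}(\.[0-9]{1,3}){3}'
FAILREGEX="^$HOST_RE .* \"(GET|POST) /(wp-login|xmlrpc)\.php"

# Print "count ip", most hits first, for every address with a matching line.
# $1 in awk is the client address because it is the first field of the line.
hits_per_ip() {
    printf '%s\n' "$SAMPLE_LOG" \
        | grep -E "$FAILREGEX" \
        | awk '{ n[$1]++ } END { for (ip in n) print n[ip], ip }' \
        | sort -rn
}

# Print the addresses whose hit count reaches maxretry (given as $1).
ban_candidates() {
    maxretry="$1"
    hits_per_ip | awk -v m="$maxretry" '$1 >= m { print $2 }'
}

echo "hits per address:"
hits_per_ip
echo "would be banned with maxretry=3:"
ban_candidates 3
```

With the sample above, 203.0.113.7 has four matching lines and 198.51.100.9 two (the .png request is not counted), so maxretry=3 bans only the first address while maxretry=2 bans both, including the second address's perfectly ordinary load-then-submit of the login form. To try the same pattern on a real log, replace the printf of SAMPLE_LOG with a cat of your access log; fail2ban-regex remains the authoritative check, since it uses fail2ban's own <HOST> and date handling.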
