Skip to content

Instantly share code, notes, and snippets.

@alanivey
Last active July 13, 2020 21:53
Show Gist options
  • Save alanivey/6322720 to your computer and use it in GitHub Desktop.
Save alanivey/6322720 to your computer and use it in GitHub Desktop.
fail2ban filter for WordPress URLs
# Ban hosts attemping to connect to WordPress
[apache-wordpress]
enabled = true
filter = apache-wordpress
action = iptables-multiport[name=Apache-WordPress, port="http,https"]
logpath = /var/log/http/*access_log
maxretry = 3
bantime = 86400
# Ban hosts attemping to connect to WordPress
[nginx-wordpress]
enabled = true
filter = nginx-wordpress
action = iptables-multiport[name=Ninx0WordPress, port="http,https"]
logpath = /var/log/nginx/*access.log
maxretry = 3
bantime = 86400
# Fail2Ban configuration file
#
# Author: Alan Ivey
#
# $Revision$
#
[Definition]
# Option: failregex
# Notes.: Regexp to catch attempts to access WordPress-style URIs
# Values: TEXT
#
failregex = ^<HOST> -.*"(GET|POST) /(wp-(login|admin|includes)|.*timthumb\.php).*HTTP.*".*$
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment