benfavre/README.MD

## README.MD

      
    Raw
  

              README.MD
            
          
    Restart service

sudo service fail2ban restart

Look at logs

tail -f /var/log/fail2ban.log

Manually add IP to jail

fail2ban-client set nginx-wp-login banip 185.39.10.73

Show jailed

sudo fail2ban-client status nginx-wp-login


## filter.conf
# /etc/fail2ban/filter.d/nginx-wp-login.conf

[Definition]
failregex = ^<HOST> .* "POST /wp-login.php
            ^<HOST> .* "POST /wp/wp-login.php
            ^<HOST> .* "POST .*xmlrpc.php
ignoreregex =

## jail.conf
# /etc/fail2ban/jail.d/nginx-wp-login.conf

[nginx-wp-login]
enabled = true
port    = http,https
filter  = nginx-wp-login
action = iptables-multiport[name=nginx-wp-login, port="http,https", protocol=tcp]
logpath = /var/log/nginx/access.log
        /var/www/some_site/access_log
maxretry = 8
findtime = 600
	# /etc/fail2ban/filter.d/nginx-wp-login.conf

	[Definition]
	failregex = ^<HOST> .* "POST /wp-login.php
	^<HOST> .* "POST /wp/wp-login.php
	^<HOST> .* "POST .*xmlrpc.php
	ignoreregex =
	# /etc/fail2ban/jail.d/nginx-wp-login.conf

	[nginx-wp-login]
	enabled = true
	port = http,https
	filter = nginx-wp-login
	action = iptables-multiport[name=nginx-wp-login, port="http,https", protocol=tcp]
	logpath = /var/log/nginx/access.log
	/var/www/some_site/access_log
	maxretry = 8
	findtime = 600