Last active
February 3, 2016 08:00
-
-
Save sergejmueller/8562240 to your computer and use it in GitHub Desktop.
Fail2Ban-Regel für die Erkennung und Sperre von Bots, die dabei erwischt werden, Login-Versuche auf die WordPress-Anmeldeseite abzusetzen. Die Anmeldeseite ist dabei mit einem Zugriffsschutz versehen. Weitere Infos unter https://github.com/sergejmueller/sergejmueller.github.io/wiki/Fail2Ban:-IP-Firewall
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [wp-auth] | |
| enabled = true | |
| filter = wp-auth | |
| port = http,https | |
| logpath = /var/log/nginx*/access*.log | |
| maxretry = 1 | |
| findtime = 86400 | |
| bantime = -1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fail2Ban configuration file | |
| # | |
| # Authentication failure | |
| # | |
| # Server: Nginx | |
| # Author: Sergej Müller | |
| # | |
| [Definition] | |
| # Option: failregex | |
| # Notes : Too many authentication failures for IP | |
| # Values: TEXT | |
| # | |
| failregex = ^<HOST>.+POST.+wp-login\.php.+ 401 [0-9]{1,} | |
| # Option: ignoreregex | |
| # Notes : Regex to ignore. If this regex matches, the line is ignored. | |
| # Values: TEXT | |
| # | |
| ignoreregex = |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment