Here is how to integrate WordPress with the Fail2Ban plugin on an Ubuntu server instance running on the HP Cloud platform in a few easy steps. In another guide, we already installed Fail2Ban on an Ubuntu server running Nginx and PHP5-FPM. In this guide, we will integrate WordPress with the Fail2Ban plugin. This demands a static public IP address for your login; otherwise you may either end up adding too many floating IPs to the whitelist or be unable to log in without SSH access (depending on settings).
WordPress with Fail2Ban Plugin on Ubuntu, HP Cloud
Log in to your WordPress website and go to the plugin installation page in the WordPress dashboard. Near the top right, click the Add New button. Search for the WP fail2ban plugin by typing or pasting its name, then install it just like any other plugin. Here is the official page of the plugin in the WordPress repository:

https://wordpress.org/plugins/wp-fail2ban/
The WP fail2ban plugin includes a filter. We simply install that filter so that Fail2ban can correctly parse and use the authentication logs. If your WordPress is installed at /usr/share/nginx/html/, then you should copy /usr/share/nginx/html/wp-content/plugins/wp-fail2ban/wordpress.conf to /etc/fail2ban/filter.d/ :

```
cp /usr/share/nginx/html/wp-content/plugins/wp-fail2ban/wordpress.conf /etc/fail2ban/filter.d/
```
Now we will edit /etc/fail2ban/jail.local to add an entry:

```
nano /etc/fail2ban/jail.local
```

Add a stanza to apply the rules, like this:

```
[wordpress]
enabled = true
filter = wordpress
logpath = /var/log/auth.log
port = http,https
```
Both http and https should be used. After saving the file, restart the service:

```
service fail2ban restart
```
You can check the status with these commands:

```
fail2ban-client status wordpress
tail /var/log/auth.log
```
To add an IP address to ignore, we will edit /etc/fail2ban/jail.local and add your.ip.address :

```
ignoreip = 127.0.0.1/8 your.ip.address
```
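The following Python check is an added example, not code from this guide or from the wp-fail2ban project. It parses a jail.local like the one above and reports a disabled jail, a port list missing http or https, or a login address that ignoreip does not cover. The sample file contents and 203.0.113.10 (a documentation address standing in for your.ip.address) are constructed.

```python
import configparser
import ipaddress

# Constructed sample mirroring the stanza and ignoreip line from this guide.
SAMPLE_JAIL_LOCAL = """
[DEFAULT]
ignoreip = 127.0.0.1/8 203.0.113.10

[wordpress]
enabled = true
filter = wordpress
logpath = /var/log/auth.log
port = http,https
"""

def check_wordpress_jail(text, admin_ip, jail="wordpress"):
    """Return a list of problems found in the jail definition (empty = OK)."""
    cfg = configparser.ConfigParser(interpolation=None, strict=False)
    cfg.read_string(text)
    if not cfg.has_section(jail):
        return [f"no [{jail}] section"]
    sec = cfg[jail]  # lookups fall back to [DEFAULT], as in fail2ban
    problems = []
    if sec.get("enabled", "false").strip().lower() not in ("true", "1", "yes", "on"):
        problems.append("jail is not enabled")
    if sec.get("filter", "").strip() != "wordpress":
        problems.append("filter is not 'wordpress'")
    if not sec.get("logpath", "").strip():
        problems.append("logpath is missing")
    ports = {p.strip() for p in sec.get("port", "").split(",")}
    for missing in sorted({"http", "https"} - ports):
        problems.append(f"port list lacks {missing}")
    # fail2ban also accepts DNS names in ignoreip; this check flags them for review.
    admin = ipaddress.ip_address(admin_ip)
    covered = False
    for entry in sec.get("ignoreip", "").replace(",", " ").split():
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            problems.append(f"ignoreip entry is not an IP/CIDR: {entry}")
            continue
        covered = covered or admin in net
    if not covered:
        problems.append(f"{admin_ip} is not covered by ignoreip")
    return problems

if __name__ == "__main__":
    print(check_wordpress_jail(SAMPLE_JAIL_LOCAL, "203.0.113.10") or "OK")
```

To check the real file, pass the contents of /etc/fail2ban/jail.local and the static address you log in from.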
We will edit the /etc/logrotate.conf file and add a stanza:

```
/var/log/auth.log {
    size 30k
    create 0600 root root
    rotate 4
}
```
WordPress with Fail2Ban Plugin : wp-config.php file
As written here:

https://wordpress.org/plugins/wp-fail2ban/faq/

We can use any one of these lines, some of them, or all of them:

```
define('WP_FAIL2BAN_AUTH_LOG',LOG_AUTHPRIV);                    // syslog facility for authentication messages
define('WP_FAIL2BAN_LOG_PINGBACKS',true);                       // log pingback requests
define('WP_FAIL2BAN_PINGBACK_LOG',LOG_LOCAL3);                  // syslog facility for pingback messages
define('WP_FAIL2BAN_BLOCK_USER_ENUMERATION',true);              // block user enumeration attempts
define('WP_FAIL2BAN_PROXIES','192.168.0.42,192.168.42.0/24');   // trusted proxy addresses
define('WP_FAIL2BAN_BLOCKED_USERS','^admin$');                  // regex of usernames to block
```
Do not add these to the wp-config.php file without reading the FAQ.