WordPress with Fail2Ban Plugin on Ubuntu, HP Cloud

Here is How to use and Integrate WordPress with Fail2Ban Plugin on Ubuntu Server Instance Running on HP Cloud Platform in Few Easy Steps. On Ubuntu server, we have already installed Fail2Ban running Nginx and PHP5-FPM in another guide. In this guide, we will integrate WordPress with Fail2Ban Plugin. This demands a static public IP address for your login, else you may either be adding too many floating IPs in whitelist or can not login without ssh access (depends on settings).

WordPress with Fail2Ban Plugin on Ubuntu, HP Cloud

Log in to WordPress website and go to your WordPress dashboard’s Plugin installation webpage. Near the top right section, click on Add New button. Search for the WP fail2ban plugin by typing/copy-pasting it. Install WordPress Fail2ban plugin just like the other plugins. Here is the official page of the plugin on WordPress repo :

This WP fail2ban plugin includes a filter. We simply install that filter so that Fail2ban can correctly parse and use the authentication logs. If your WordPress is installed at /usr/share/nginx/html/, then you should copy /usr/share/nginx/html/wp-content/plugins/wp-fail2ban/wordpress.conf to /etc/fail2ban/filter.d/

Now we will edit /etc/fail2ban/jail.local to add entry :

Add a stanza to apply rules like this :

Both – http and https should be used. After saving the file, restart the service :

You can check the status with these commands :

To add IP address to ignore, we will edit /etc/fail2ban/jail.local and add your.ip.address :

We will edit the /etc/logrotate.conf file and add a stanza :

WordPress with Fail2Ban Plugin : wp-config.php file

As written here :

We can use as much as these lines either as single one of them or some of them :

Do not add these on wp-config.php file without reading the FAQ.