https://bugs.contribs.org/show_bug.cgi?id=10422
--- Comment #9 from Michael McCarn <[email protected]> ---
Here is an incomplete note about fail2ban, wordfence, and this proposed
portscan jail.
This portscan jail is triggered by wordfence (the wordpress firewall plugin) if
enabled, which prevents wordfence from updating its scanning information,
thereby preventing scans.
The actual error seen in Wordfence is:
> Call to Wordfence API to resolve IPs failed: There was an error connecting to
> the Wordfence scanning servers: cURL error 28: connect() timed out!
To get wordfence scans working, I had to add the IP for noc1.wordfence.com to
the fail2ban IgnoreIP property:
> config setprop fail2ban IgnoreIP '69.46.36.28'
> signal-event fail2ban-conf
Then, to avoid a reboot, I also deleted the entry manually from the fail2ban
portscan ipset:
> ipset del f2b-portscan '69.46.36.28'
--
You are receiving this mail because:
You are the QA Contact for the bug.
_______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/
