Well agreed in on that but who else than allowed people will try to login ? and do it numerous times (> 3 - 5)? As I see it is an intended action seen in the logfile - but I may be totally wrong.
/Cheers Yo, i wouldnt use this. A single failed login, and a reauth will lock you from your server. At all times try to ban on the intended action and not just on the page the guy lands on. Sent from Samsung tablet -------- Original message -------- From: [email protected] Date: 29/08/2015 14:14 (GMT+02:00) To: [email protected] Subject: [Fail2ban-users] wordpress filter Hi there. Try using this setup - and set max retries to 3 then You almost eliminate Your own 'faults' logging in Im though using Nginx but it should be same approach. Works for me ! failregex = <HOST> - - .* "POST /wp-login.php HTTP/1. <HOST> - - .* "GET /wp-login.php HTTP/1. <HOST> - - .* "GET /admin.php HTTP/1. <HOST> - - .* "GET /administrator/ HTTP/1. Hope this helps and save Your money for something else ;-) /Finn ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
