Changes

From SME Server
Jump to navigationJump to search
382 bytes added ,  03:53, 19 July 2019
Line 186: Line 186:     
==== Fail2Ban ====
 
==== Fail2Ban ====
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. See [[Fail2ban]]. In order to make Fail2Ban work with WordPress, the user "holck" posted the following code in thread https://forums.contribs.org/index.php/topic,53711.msg279902.html in the SME 9 Contribs forum. Holck notes that the standard jail for WordPress appears to work, but does not block the offending IP addresses.  
+
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. First you need to add the fail2ban plugin inside wordpress. Then see [[Fail2ban]] wiki page for initial setup of fail2ban. Then you simply need to enable the jail for wordpress by using the server-manager fail2ban page. Basically there will be 3 jails for wordpress, one soft (auth error) and one hard ( blocked user attempt to login) and one for xmlrpc attacks.  
   −
The following needs to be added the file /etc/fail2ban/jail.conf.
+
If you want more tweak you can change few options using command line. Note that by defualt they are not set in the db and will use fail2ban respective default value, which you could also set globally. Values presented are only for the purpose of example.  
 
+
* db configuration setprop fail2ban WPHbantime 5000
<pre>[wordpress-hard]
+
* db configuration setprop fail2ban WPSbantime 1000
enabled = true
+
* db configuration setprop fail2ban WPXbantime 10000
filter = wordpress-hard
+
* db configuration setprop fail2ban WPHfindtime 800
logpath = /var/log/messages
+
* db configuration setprop fail2ban WPSfindtime 800
maxretry = 3
+
* db configuration setprop fail2ban WPXfindtime 800
action = smeserver-iptables[port="80,443",protocol=tcp,bantime=1800]
+
* db configuration setprop fail2ban WPHmaxretry 1
backend = polling
+
* db configuration setprop fail2ban WPSmaxretry 3
 
+
* db configuration setprop fail2ban WPXmaxretry 2
[wordpress-soft]
+
then you will need a signal-event fail2ban-update
enabled  = true
  −
filter = wordpress-soft
  −
logpath = /var/log/messages
  −
action = smeserver-iptables[port="80,443",protocol=tcp,bantime=1800]
  −
backend = polling</pre>
      
===Backup of Wordpress===
 
===Backup of Wordpress===
Super Admin, Wiki & Docs Team, Bureaucrats, Interface administrators, Administrators
3,254

edits

Navigation menu