Fail2ban + WP Fail2Ban Redux
-
- Posts: 10
- Joined: Thu Aug 23, 2018 8:58 pm
- Os: CentOS 6x
- Web: nginx + php-fpm
Fail2ban + WP Fail2Ban Redux
Hello, I'm tryinf to configure Fail2ban in my server. I downloaded the plugin WP Fail2Ban Redux, and followed the instalation procedure found here: https://github.com/thebrandonallen/wp-fail2ban-redux
When I restarted the server I got a error in the log:
I don't know for sure but I toght that this error had something to do with the FirewallD, so I followed this tutorial: https://www.rosehosting.com/blog/set-up ... -centos-7/
Now when I restart the fail2ban I get no errors:
But those filters aren't working, and the log files are empty.
Here is my config file:
I don't know if I'm using the right path, but when I log in the VestaCP Panel I can see the entry in the log, but when I try to simulate a failed login in the Wordpress nothing is added in the log, and no IP is blocked.
Need some help.
Thanks
When I restarted the server I got a error in the log:
Code: Select all
2018-10-08 11:39:16,001 fail2ban.action [16540]: ERROR ipset create fail2ban-wordpress hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports http,https -m set --match-set fail2ban-wordpress src -j REJECT --reject-with icmp-port-unreachable -- stdout: ''
2018-10-08 11:39:16,001 fail2ban.action [16540]: ERROR ipset create fail2ban-wordpress hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports http,https -m set --match-set fail2ban-wordpress src -j REJECT --reject-with icmp-port-unreachable -- stderr: 'FirewallD is not running\n'
2018-10-08 11:39:16,001 fail2ban.action [16540]: ERROR ipset create fail2ban-wordpress hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports http,https -m set --match-set fail2ban-wordpress src -j REJECT --reject-with icmp-port-unreachable -- killed with signal 124 (return code: 252)
2018-10-08 11:39:16,001 fail2ban.actions [16540]: ERROR Failed to start jail 'wordpress' action 'firewallcmd-ipset': Error starting action
Now when I restart the fail2ban I get no errors:
Code: Select all
2018-10-08 12:23:39,766 fail2ban.jail [13842]: INFO Jail 'wordpress-hard' started
2018-10-08 12:23:39,775 fail2ban.jail [13842]: INFO Jail 'wordpress-soft' started
Here is my config file:
Code: Select all
[wordpress-hard]
enabled = true
filter = wordpress-hard
logpath = /var/log/vesta/auth.log
maxretry = 2
port = http,https
[wordpress-soft]
enabled = true
filter = wordpress-soft
logpath = /var/log/vesta/auth.log
maxretry = 5
port = http,https
Need some help.
Thanks
Re: Fail2ban + WP Fail2Ban Redux
jail.local
Code: Select all
[wordpress-hard]
enabled = true
filter = wordpress-hard
action = iptables-allports
logpath = /var/log/messages
maxretry = 1
port = http,https
logencoding = utf-8