We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Fail2ban + WP Fail2Ban Redux
-
- Posts: 10
- Joined: Thu Aug 23, 2018 8:58 pm
- Os: CentOS 6x
- Web: nginx + php-fpm
Fail2ban + WP Fail2Ban Redux
Hello, I'm tryinf to configure Fail2ban in my server. I downloaded the plugin WP Fail2Ban Redux, and followed the instalation procedure found here: https://github.com/thebrandonallen/wp-fail2ban-redux
When I restarted the server I got a error in the log:
I don't know for sure but I toght that this error had something to do with the FirewallD, so I followed this tutorial: https://www.rosehosting.com/blog/set-up ... -centos-7/
Now when I restart the fail2ban I get no errors:
But those filters aren't working, and the log files are empty.
Here is my config file:
I don't know if I'm using the right path, but when I log in the VestaCP Panel I can see the entry in the log, but when I try to simulate a failed login in the Wordpress nothing is added in the log, and no IP is blocked.
Need some help.
Thanks
When I restarted the server I got a error in the log:
Code: Select all
2018-10-08 11:39:16,001 fail2ban.action [16540]: ERROR ipset create fail2ban-wordpress hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports http,https -m set --match-set fail2ban-wordpress src -j REJECT --reject-with icmp-port-unreachable -- stdout: ''
2018-10-08 11:39:16,001 fail2ban.action [16540]: ERROR ipset create fail2ban-wordpress hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports http,https -m set --match-set fail2ban-wordpress src -j REJECT --reject-with icmp-port-unreachable -- stderr: 'FirewallD is not running\n'
2018-10-08 11:39:16,001 fail2ban.action [16540]: ERROR ipset create fail2ban-wordpress hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports http,https -m set --match-set fail2ban-wordpress src -j REJECT --reject-with icmp-port-unreachable -- killed with signal 124 (return code: 252)
2018-10-08 11:39:16,001 fail2ban.actions [16540]: ERROR Failed to start jail 'wordpress' action 'firewallcmd-ipset': Error starting action
Now when I restart the fail2ban I get no errors:
Code: Select all
2018-10-08 12:23:39,766 fail2ban.jail [13842]: INFO Jail 'wordpress-hard' started
2018-10-08 12:23:39,775 fail2ban.jail [13842]: INFO Jail 'wordpress-soft' started
Here is my config file:
Code: Select all
[wordpress-hard]
enabled = true
filter = wordpress-hard
logpath = /var/log/vesta/auth.log
maxretry = 2
port = http,https
[wordpress-soft]
enabled = true
filter = wordpress-soft
logpath = /var/log/vesta/auth.log
maxretry = 5
port = http,https
Need some help.
Thanks
Re: Fail2ban + WP Fail2Ban Redux
jail.local
Code: Select all
[wordpress-hard]
enabled = true
filter = wordpress-hard
action = iptables-allports
logpath = /var/log/messages
maxretry = 1
port = http,https
logencoding = utf-8