May 102015
 

I recently implemented Fail2ban on a FreeBSD jail host. It monitors log files within the jails, from the host. Offensive IP addresses which act up in one jail will be blocked at the host, thus blocking the rascal IP from all jails.

This has been running for about two weeks. Today I added another tool, the WP fail2ban plugin.

The plugin comes with a wordpress.local file, but to make it work with FreeBSD, it needs a tweak; it needs to use pf.

This is the file I placed at /usr/local/etc/fail2ban/jail.d/wordpress.local

[wordpress]
enabled = true
filter  = wordpress

action  = pf

logpath = /usr/jails/dan.langille.org/var/log/auth.log
          /usr/jails/jail1.example.org/var/log/auth.log
          /usr/jails/jail2.example.org/var/log/auth.log
          /usr/jails/jail3.example.org/var/log/auth.log

findtime  = 86400
maxretry  = 1
bantime   = 1209600

Hope this helps.

Website Pin Facebook Twitter Myspace Friendfeed Technorati del.icio.us Digg Google StumbleUpon Premium Responsive