29 lines
935 B
Plaintext
29 lines
935 B
Plaintext
# Fail2Ban filter for WordPress hard failures
|
|
# Auto-generated: 2019-07-15T18:00:14+00:00
|
|
#
|
|
|
|
[INCLUDES]
|
|
|
|
before = common.conf
|
|
|
|
[Definition]
|
|
|
|
_daemon = (?:wordpress|wp)
|
|
|
|
failregex = ^%(__prefix_line)sAuthentication attempt for unknown user .* from <HOST>$
|
|
^%(__prefix_line)sREST authentication attempt for unknown user .* from <HOST>$
|
|
^%(__prefix_line)sXML-RPC authentication attempt for unknown user .* from <HOST>$
|
|
^%(__prefix_line)sSpam comment \d+ from <HOST>$
|
|
^%(__prefix_line)sBlocked user enumeration attempt from <HOST>$
|
|
^%(__prefix_line)sBlocked authentication attempt for .* from <HOST>$
|
|
^%(__prefix_line)sXML-RPC multicall authentication failure from <HOST>$
|
|
^%(__prefix_line)sPingback error .* generated from <HOST>$
|
|
|
|
ignoreregex =
|
|
|
|
# DEV Notes:
|
|
# Requires the 'WP fail2ban' plugin:
|
|
# https://wp-fail2ban.com/
|
|
#
|
|
# Author: Charles Lecklider
|