How to set up Fail2Ban in Plesk 12 for WordPress logins
Posted by VisiChat Hosting, Last modified by VisiChat Hosting on 28 August 2015 03:50 PM

Prerequisites

  • Admin login to Plesk
  • Fail2Ban enabled

Overview

Fail2Ban is a new feature in Plesk 12 that allows users to set up filters that block IP addresses, to prevent things like brute force attacks. This support article outlines how to configure Fail2Ban for WordPress. It assumes you already have Fail2Ban installed and configured; if not, you can read our guide here.

Instructions

  1. From the Admin bar on the left hand side menu, click on “Tools & Settings”, then click on “IP Address Banning (Fail2Ban)”.

  2. Under “IP Address Banning” click on the “Jails” tab.

  3. Under the “Jails” tab, click on “Manage Filters”.

  4. From the “Jail Filters” screen click “Add Filter”.

  5. In the “Add Jail Filter” screen, give the filter a meaningful name in the “Name” field. Then, in the “Content” field, add the following:

    [Definition]
    failregex = <HOST>.*] "POST /wp-login.php
    ignoreregex =
    
  6. Navigate back to the “Jails” screen. Alternatively you can click on the green arrow “Up Level” icon in the top right hand corner.

  7. From under the “Jails” tab click on “Add Jail”.

  8. [A] – Under “Name”, give the jail a meaningful name. We used the same name as the filter for ease of management. Under “Filter”, select the filter we created in the previous steps.

    [B] – Enter the details below, updating “name=WPLogin” with the name you have given the filter.

    iptables-multiport[name=WPLogin, port="http,https"]

    [C] – This step is optional, but it allows email notifications to be sent whenever an IP address is jailed. Under “dest”, specify the email address the notifications are to go to. Then, from the “Action” drop-down list, select “sendmail-whois”.

    sendmail-whois[name=WPLogin, dest=YOUR@EMAIL_ADDRESS.com]


    [D] – Specify the path to the access log of the site(s).

    /var/www/vhosts/system/*/logs/*access*log

    [E] – Specify the duration of the ban of an IP address, and the number of attempts before it is banned.

    Click “OK”. The filter is set up on the server.
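
To see which requests the filter from step 5 counts towards the attempt limit in step 8[E], the following added example (not part of the original article or of Fail2Ban itself) applies the failregex to constructed access-log lines. It assumes Apache combined log format, uses a simplified IPv4 pattern in place of Fail2Ban's own `<HOST>` expansion, and ignores the counting time window; the function names are hypothetical.

```python
import re
from collections import Counter

# failregex exactly as entered in step 5; <HOST> is Fail2Ban's placeholder
# for the client address.
FAILREGEX = '<HOST>.*] "POST /wp-login.php'

# Assumption: simplified IPv4-only stand-in for Fail2Ban's <HOST> expansion.
HOST_PATTERN = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

# Constructed sample lines in Apache combined log format (documentation IPs).
SAMPLE_LOG = """\
203.0.113.5 - - [28/Aug/2015:15:50:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3456 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Aug/2015:15:50:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3456 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Aug/2015:15:50:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3456 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Aug/2015:15:51:10 +0000] "GET /wp-login.php HTTP/1.1" 200 2901 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Aug/2015:15:51:20 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.9 - - [28/Aug/2015:15:52:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
"""


def matching_hosts(log_text, failregex=FAILREGEX):
    """Count, per client address, the log lines the filter would match."""
    pattern = re.compile(failregex.replace("<HOST>", HOST_PATTERN))
    hits = Counter()
    for line in log_text.splitlines():
        match = pattern.search(line)
        if match:
            hits[match.group("host")] += 1
    return hits


def would_ban(log_text, max_attempts):
    """Addresses whose match count reaches the attempt limit from step 8[E].

    Simplification: every line is treated as inside one counting window.
    """
    hits = matching_hosts(log_text)
    return sorted(host for host, count in hits.items() if count >= max_attempts)


if __name__ == "__main__":
    for host, count in sorted(matching_hosts(SAMPLE_LOG).items()):
        print(f"{host}: {count} matching line(s)")
    print("banned at 3 attempts:", would_ban(SAMPLE_LOG, 3))
```

The filter counts every POST to /wp-login.php regardless of the response status, so the redirected (302) login in the sample is counted as well; keep that in mind when choosing the number of attempts in step 8[E].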
