Hi,
First, I use your plugin a lot. Thank you for it.
Second, I use fail2ban on my server and I made a small change to your plugin to log to syslog when a wrong password is entered. Then I created a fail2ban filter and action to ban the IP accordingly.
If you guys could include this piece of code in your development, that would be great as I wouldn't be worried about updating the plugin and you could also advertise the feature of fail2ban integration.
I added a piece of code just before the `$this->_delete_old_items();` call in the function `insert( $args )` in the `class-aal-api.php` file. You probably could do a better job as the plugin creator ;)
Here is the code I added:
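```php
// Write one LOG_AUTH line per failed login so fail2ban can match it.
if ($args['action'] == "wrong_password") {
    // Use the site host (the part after "//" in the site URL) as the syslog tag.
    $siteUrl = explode("//", get_site_url());
    openlog($siteUrl[1], LOG_PID, LOG_AUTH);
    // object_name is the submitted username, hist_ip the client address.
    syslog(LOG_NOTICE, "Authentication failure for " . $args['object_name'] . " from " . $args['hist_ip']);
    closelog();
}
```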
The filter wordpress.conf:
```ini
# Fail2Ban configuration file
#
# Author: Igor Almeida
#

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf

[Definition]

_daemon = wordpress

# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
#         host must be matched by a group named "host". The tag "<HOST>" can
#         be used for standard IP/hostname matching and is only an alias for
#         (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
failregex = Authentication failure for .* from <HOST>

# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =
```
And the jail snippet to insert into jail.local:
Thank you,
Igor Almeida
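
Added example (not part of the original post or the plugin's code): an offline check of the `failregex` above against constructed log lines in the format the PHP snippet writes, confirming that the captured host is the trailing client address even when the logged username itself contains " from ". It uses the `<HOST>` alias quoted in the filter's comments; the log prefix, the sample usernames and the lazy-wildcard variant are assumptions made for the comparison.

```python
import re

# <HOST> alias exactly as quoted in the filter's own comments. Assumption:
# newer fail2ban releases expand <HOST> to a stricter IPv4/IPv6/DNS pattern.
HOST_ALIAS = r"(?:::f{4,6}:)?(?P<host>[\w\-.^_]+)"

PAGE_FAILREGEX = r"Authentication failure for .* from <HOST>"
# Constructed contrast, not from the page: same filter with a lazy wildcard.
LAZY_FAILREGEX = r"Authentication failure for .*? from <HOST>"

# Constructed samples: (logged username, client address). The username is
# whatever was typed into the login form, so it may itself contain " from ".
CASES = [
    ("admin", "198.51.100.7"),
    ("first.last@example.com", "198.51.100.7"),
    ("bob from 203.0.113.9", "198.51.100.7"),
    ("", "198.51.100.7"),
]


def syslog_line(username, ip):
    """Format a line the way the PHP snippet does (prefix is constructed)."""
    return ("Jan 12 10:00:01 web1 example.com[4242]: "
            f"Authentication failure for {username} from {ip}")


def extract_host(failregex, line):
    """Return the host the filter would hand to the ban action, or None."""
    match = re.search(failregex.replace("<HOST>", HOST_ALIAS), line)
    return match.group("host") if match else None


def mismatches(failregex):
    """List the cases where the extracted host is not the client address."""
    bad = []
    for username, ip in CASES:
        got = extract_host(failregex, syslog_line(username, ip))
        if got != ip:
            bad.append((username, ip, got))
    return bad


if __name__ == "__main__":
    for name, rx in (("page", PAGE_FAILREGEX), ("lazy", LAZY_FAILREGEX)):
        print(name, mismatches(rx))
```

`fail2ban-regex`, which ships with fail2ban, runs the installed matcher against a real log file and remains the authoritative check.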