Fail2Ban Filter for Ninjafirewall WP
Note: This will only work if you have full access to your web server's
How to use:
- Install Ninjafirewall WP to your WordPress web site.
- Enable brute force attack protection in Ninjafirewall ("Yes, if under attack" is the only setting that will generate brute-force attack log entries).
Write the incident to the server Authentication log.
- Copy /filter.d/ninjafirewall.conf from this repository to
- Add a
[ninjafirewall]section to the Jails section of your
[ninjafirewall] port = http,https filter = ninjafirewall logpath = %(syslog_authpriv)s backend = %(syslog_backend)s maxretry = 2 enabled = true
- Restart Fail2Ban:
service fail2ban restart
- Keep the maxretry override value low; 2 is good. Ninjafirewall is detecting automated brute-force attacks by bots, not accidental password errors by humans.
- If using CloudFlare on the web site, please see the fail2ban-action-cloudflare-restv4 repository for an updated CloudFlare action configuration file.