I completely forgot about to move a fail2ban…

Gah!Gah!! I was forgetting to move a fail2ban!
So, It was became like this…(^_^メ)

kiba

Boo-hoo…

Well.. Here we go.

apt-get update
apt-cache policy fail2ban

fail2ban:
     0.8.13-1 0
        500 http://ftp.riken.jp/Linux/debian/debian/ jessie/main amd64 Packages

First config disabled All. SSH was not only without password authentication but also listening port changed.
only one that is necessary!!

/etc/fail2ban/jail.conf

[nginx-wplogin]
enabled  = true
filter   = nginx-wplogin
action   = iptables-multiport[name=nginx-wplogin, port="http,https", protocol=tcp]
logpath  = /var/log/nginx/access.log

/etc/fail2ban/filter.d/nginx-wplogin.conf

[Definition]
failregex = ^<HOST>\ \-.*\"POST\ \/wp-login.php HTTP\/1\..*\"
ignoreregex =

Then I confirmed that operation!!

POST /wp-login.php HTTP/1.0
Connection closed by foreign host.

Look log...

fail2ban.actions[10336]: WARNING [nginx-wplogin] Ban ***.***.***.***

Right on!

See ya.

Similar Posts:


Leave a Reply

Your email address will not be published. Required fields are marked *