sudo service fail2ban restart
tail -f /var/log/fail2ban.log
fail2ban-client set nginx-wp-login banip 185.39.10.73
sudo fail2ban-client status nginx-wp-login
# /etc/fail2ban/filter.d/nginx-wp-login.conf | |
[Definition] | |
failregex = ^<HOST> .* "POST /wp-login.php | |
^<HOST> .* "POST /wp/wp-login.php | |
^<HOST> .* "POST .*xmlrpc.php | |
ignoreregex = |
# /etc/fail2ban/jail.d/nginx-wp-login.conf | |
[nginx-wp-login] | |
enabled = true | |
port = http,https | |
filter = nginx-wp-login | |
action = iptables-multiport[name=nginx-wp-login, port="http,https", protocol=tcp] | |
logpath = /var/log/nginx/access.log | |
/var/www/some_site/access_log | |
maxretry = 8 | |
findtime = 600 |