• Resolved paulashbrook

    (@paulashbrook)


    I have a WP site in a corporate DMZ that is protected by a proxy and ISA server. The server has seen its fair share of brute force attacks on SSH access, but “fail2ban” puts a stop to those.

    In my environment, though, I can’t use WP-fail2ban, as the server logs all web traffic – legitimate and malicious – as coming from the same IP address, that of the ISA server.

    So, if someone caused fail2ban to trigger a block, then that block would also stop legitimate user traffic.

    I’ve already implemented various security tricks and a couple other security plugins, so I’ll have to rely on those.

    Other corporate admins take note.

    https://www.ads-software.com/extend/plugins/wp-fail2ban/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Hi Paul,

    I’m not the plugin author. But basically, in this scenario you should be deploying or developing a plugin that extracts the true IP address of the original visitor so that WordPress is dealing with the right thing. If you look at the WordPress plugin for Cloudflare, that shows you how it’s done.

    David

    Plugin Author invisnet

    (@invisnet)

    I’ve just released 2.0.0 which has some *experimental* code to deal with this problem.
    Details are in the readme – let me know how you get on.
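
The approach David describes above, extracting the original visitor's address behind a proxy, as an added example that is not part of the thread and is not code from WP-fail2ban or the Cloudflare plugin. The function name `real_client_ip`, the placeholder proxy address `192.0.2.10` and the assumption that the proxy appends the client to `X-Forwarded-For` are all hypothetical.

```php
<?php
// Added example; not code from WP-fail2ban or the Cloudflare plugin.
// ASSUMPTION: 192.0.2.10 is a placeholder for the proxy/ISA server address,
// and the proxy appends the connecting client to X-Forwarded-For.
const TRUSTED_PROXIES = ['192.0.2.10'];

/**
 * Return the address that logging and banning should act on.
 * The header is honoured only when the TCP peer is a trusted proxy;
 * otherwise any visitor could forge it and get someone else banned.
 */
function real_client_ip(array $server, array $trusted): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (!in_array($peer, $trusted, true)) {
        return $peer; // direct connection: ignore the header entirely
    }
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    // Walk right to left: entries on the right were appended by our own
    // proxies, entries further left are whatever the client chose to send.
    foreach (array_reverse($hops) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            break; // missing or malformed entry: fall back to the peer
        }
        if (!in_array($hop, $trusted, true)) {
            return $hop; // first address not under our control
        }
    }
    return $peer;
}

// Constructed sample requests (documentation address ranges).
$samples = [
    'via proxy'             => ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_X_FORWARDED_FOR' => '203.0.113.7'],
    'forged left entry'     => ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_X_FORWARDED_FOR' => '10.0.0.1, 203.0.113.7'],
    'direct, forged header' => ['REMOTE_ADDR' => '198.51.100.9', 'HTTP_X_FORWARDED_FOR' => '10.0.0.1'],
    'proxy, no header'      => ['REMOTE_ADDR' => '192.0.2.10'],
];
foreach ($samples as $label => $server) {
    printf("%-22s => %s\n", $label, real_client_ip($server, TRUSTED_PROXIES));
}
```

In WordPress the result would be assigned to `$_SERVER['REMOTE_ADDR']` early in the request (for example from `wp-config.php`), and the proxy's own address belongs in fail2ban's `ignoreip` so the fallback case cannot block every user.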

  • The topic ‘Can't use WP-fail2ban in a corporate environment’ is closed to new replies.