Error: unable to load signatures (#2) The moment I disable the iptables firewall on the frontend webserver the malware scan is working (using the new ninjafirewall.php script from github)
Normal port 80 traffic is allowed. Which calls does the ninjafirewall script make that could be blocked by iptables?
https://www.ads-software.com/plugins/ninjafirewall/
]]>WP fail2ban seems to be working – in so much that it is successfully adding an iptables REJECT rule for the offending IP (in the fail2ban-WordPress chain), but it doesn’t actually block the IP address. I can manually block my IP address with a DROP iptables rule, so I know iptables is generally working. Any ideas?
Thanks,
meeble
https://www.ads-software.com/plugins/wp-fail2ban/
]]>My question is if we could get feature that allows to define a custom ident for the openlog() to be used for the WP_FAIL2BAN_BLOCKED_USERS setting. The reason I ask this is because most of the usernames that you’re going to be putting in that constant are users that should never even be able to be used, e.g. admin|administrator|user|domain etc. People who try to login with these usernames shouldn’t be given a second chance. Since most JAIL configs might be something like
bantime = 3600
findtime = 600
maxretry = 5This is good for people who might legitimately forgot their password and tried multiple times. However, for those others who use those WP_FAIL2BAN_BLOCKED_USERS we could define a different set of rules that immediately and permanently bans them, as well as any other type of JAIL actions and filters. In my case, I currently ban users all the way up to my load balancer, but if someone did actually forget, I’d prefer that they have a timed ban via iptables and those WP_FAIL2BAN_BLOCKED_USERS are permanently banned via my load balancer.
Let me know what you think, and thanks again for this plugin, love it.
https://www.ads-software.com/plugins/wp-fail2ban/
]]>If I kill iptables the backup is OK — turn iptables back on and the backup is back to 0 bytes.
The funny thing is I only have INCOMING rules setup — all FORWARDED and OUTGOING traffic is automatically allowed.
In any event, Backuper can obviously connect to the remote server because it is creating the 0 byte files…but somehow an INCOMING rules is causing it to send 0 bytes…
Any idea what I can try? Sure has me bumfuzzled 
https://www.ads-software.com/plugins/backuper/
]]>Our original config was:
[wordpress]
enabled = true
filter = wordpress
action = iptables-multiport
logpath = /var/log/messages
port = http,https
maxretry = 3After a bit of testing (and some lost hair), we found the following configuration in our jail.local file worked:
[wordpress]
enabled = true
filter = wordpress
action = iptables-multiport[name=wordpress, port="http,https"]
logpath = /var/log/messages
maxretry = 3Fail2Ban Version = 0.8.10
https://www.ads-software.com/plugins/wp-fail2ban/
]]>