Log too many requests?

Hi kranzoky,

it is very easy to protect wordpress with fail2ban. I wrote a german article about that on https://www.ionas-server.com/blog/fail2ban-schutz-vor-brute-force-angriffen/. But here is the short version in english:

0) install this plugin wp-fail2ban on your wordpress instance.
1) install fail2ban on your linux server
2) create a filter for wordpress “wordpress.conf”. You can download the file under: https://plugins.svn.www.ads-software.com/wp-fail2ban/trunk/wordpress.conf
3) add the filter to the jail.conf of fail2ban and then activate it.

If you don’t understand the german blog entry. Please write me an email.

One important hint: don’t forget to “ignore your own ip” in fail2ban. Otherwise you ban yourself very fast. ??

Best regards
Christoph

@ christophdb I don’t really understand your reply or your blog post, isn’t that article simply explaining how to use the wp-fail2ban plugin?

The other person (kranzoky) asked how to block IPs after too many requests not failed logins or am I missing something here?

Hi Ovidiu,

yes it is right that one part of the article is the explanation how to use the fail2ban plugin.

But the other part is a general explanation how to use fail2ban. Therefore if for example kranzoky gets a lot of requests but no logins this should be visible in some log files. Then define a rule for example with a very high count number to block and the problem can be solve to.

Best regards
Christoph

Ah, thanks, I understand. I missed the connection here.