Not logging pingbacks

  • I’m trying to log pingbacks so I can fail2ban the IPs. The pingbacks are not getting logged.

    With “define(‘WP_FAIL2BAN_LOG_PINGBACKS’,true);” and “define(‘WP_FAIL2BAN_PINGBACK_LOG’,LOG_LOCAL3);” nothing gets written to Local3 (which is active, I have tested the facility with a simple dummy test:
    <?php
    openlog(“test”,LOG_NDELAY,LOG_LOCAL3);
    syslog(LOG_NOTICE,”Hey”);
    closelog();
    ).

    I am getting about 10,000 pingbacks per day, but NONE of them trigger this plugin’s logging.

    Catching the POST xml data shows me the following:

    93.174.93.234<?xmlversion=”1.0″?>
    <methodCall>
    <methodName>pingback.ping</methodName>
    <params>
    <param>
    <value>
    <string>https://www.reportyor.com/?cat=hadise&id=11208</string&gt;
    </value>
    </param>
    <param>
    <value>
    <string>https://blog.simonandkate.net/20140415/beautiful-new-zealand</string&gt;
    </value>
    </param>
    </params>
    </methodCall>

    It appears to be a valid pingback. Yes I can disable pingback, but I’d rather log them and fail2ban them. I could also just catch xmlrpc.php calls and ban them, but I use xmlrpc…

    Can this plugin log the pingbacks?

    https://www.ads-software.com/plugins/wp-fail2ban/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author invisnet

    (@invisnet)

    It’s always worked for me, so I’m wondering if you’ve got another plugin installed that’s not playing nicely with others.

    Version 3.0 now logs failed pingbacks which are the ones you really want to block.

    Thread Starter simonmwilson

    (@simonmwilson)

    I’ve installed v3, will see how it goes. I’ve added the following to wp-config.php to start with just to see if it logs, if it works I will jump into fail2ban config.

    It’s a CentOS system and uses AUTHPRIV…

    define(‘WP_FAIL2BAN_AUTH_LOG’,LOG_AUTHPRIV);
    define(‘WP_FAIL2BAN_LOG_PINGBACKS’,true);
    define(‘WP_FAIL2BAN_PINGBACK_LOG’,LOG_LOCAL3);

    The requests are hitting apache as I see all of the httpd processes…

    I just noticed I was getting a lot of pingback errors in my auth.log, but they weren’t getting blocked properly.

    Upon inspection, I noticed that the format of the line in auth.log looked a little weird:

    Apr 7 03:13:13 trog 33 generated from 185.130.5.165[3913]: Pingback error 33 generated from x.x.x.x

    The line in wp-fail2ban.php responsible for this is:

    \syslog(LOG_NOTICE,'Pingback error '.$ixr_error->code.' generated from '.remote_addr());

    Nothing obviously wrong with it. I changed the quotes from single quotes to double quotes, a la:

    \syslog(LOG_NOTICE,"Pingback error $errcode generated from ".remote_addr());

    … (with $errcode populated in another line) and now it logs correctly, a la:

    Apr 7 03:13:18 trog wordpress(103.16.128.201)[3913]: Pingback error 33 generated from x.x.x.x

    Weird. But it works fine like this.

    Thread Starter simonmwilson

    (@simonmwilson)

    At least you are getting the log entries. It’s not logging at all for me, so your issue is not connected with this thread.

    WP fail2ban is still not logging at all for me.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Not logging pingbacks’ is closed to new replies.