Optimizing plesk-wordpress jail and filter for fail2ban

The Plesk-Wordpress Jail is not configured optimal for banning all attacks to your wordpress Sites. So I have optimized the filter and jail.

In Plesk Gui go to Tools & Settings and in Section Security to IP Address Banning (Fail2Ban):

Then open Jails and Manage Filters:

open the Jail Filter plesk-wordpress and change the content to:

[Definition]
failregex = ^<HOST>.* "POST .*(wp-login.php|xmlrpc.php)([/\?#\\].*)? HTTP/.*" 200|401
ignoreregex =

like this and save settings with OK:

Now open the jail plesk-wordpress and change Settings:

add the following into action:

iptables-multiport[name="plesk-wordpress", port="http,https,7080,7081"]

and this into the field for logpath:

/*access*log
/var/log/apache2/*access.log
/var/www/vhosts/system/*/logs/*access*log.processed

then click OK.

Now the WordPress-Jail is optimized to ban all attacks on wp-login and xmlrpc.

Unterstützung

——————————————————-

Picture of Elchinator on Pixabay