WordPress.org

Plugin Directory

WP fail2ban

Write all login attempts to syslog for integration with fail2ban.

fail2ban is one of the simplest and most effective security measures you can implement to prevent brute-force password-guessing attacks.

WP fail2ban logs all login attempts, whether successful or not, to syslog using LOG_AUTH. To make log parsing as simple as possible WPf2b uses the same format as sshd. For example:

Oct 17 20:59:54 foobar wordpress(www.example.com)[1234]: Authentication failure for admin from 192.168.0.1
Oct 17 21:00:00 foobar wordpress(www.example.com)[2345]: Accepted password for admin from 192.168.0.1

WPf2b comes with two fail2ban filters, wordpress-hard.conf and wordpress-soft.conf, designed to allow a split between immediate banning and the traditional more graceful approach.

Requires PHP 5.3 or later.

Other Features

CloudFlare and Proxy Servers

WPf2b can be configured to work with CloudFlare and other proxy servers. See WP_FAIL2BAN_PROXIES in the FAQ.

Pingbacks

WPf2b logs failed pingbacks, and can log all pingbacks. See WP_FAIL2BAN_LOG_PINGBACKS in the FAQ.

WP_FAIL2BAN_BLOCK_USER_ENUMERATION

WPf2b can block user enumeration. See WP_FAIL2BAN_BLOCK_USER_ENUMERATION in the FAQ.

Work-Arounds for Broken syslogd

WPf2b can be configured to work around most syslogd weirdness. See WP_FAIL2BAN_SYSLOG_SHORT_TAG and WP_FAIL2BAN_HTTP_HOST in the FAQ.

Blocking Users

WPf2b can be configured to short-cut the login process when the username matches a regex. See WP_FAIL2BAN_BLOCKED_USERS in the FAQ.

Requires: 3.4.0 or higher
Compatible up to: 4.5.3
Last Updated: 3 weeks ago
Active Installs: 20,000+

Ratings

4.9 out of 5 stars

Support

2 of 6 support threads in the last two months have been marked resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

1 person says it works.
0 people say it's broken.

100,1,1
100,1,1 100,2,2
100,2,2
100,2,2 100,2,2
50,2,1
100,1,1
0,1,0
100,1,1 100,1,1
100,2,2
100,1,1
100,4,4
100,1,1
100,3,3 100,2,2
100,1,1
100,2,2
100,1,1
100,1,1
50,2,1
100,1,1