WP fail2ban
[resolved] Can't use WP-fail2ban in a corporate environment (3 posts)

  1. paulashbrook
    Posted 2 years ago #

    I have a WP site in a corporate DMZ that is protected by a proxy and ISA server. The server has seen its fair share of brute force attacks on SSH access, but "fail2ban" puts a stop to those.

    In my environment, though, I can't use WP-fail2ban, as the server logs all web traffic - legitimate and malicious - as coming from the same IP address, that of the ISA server.

    So, if someone caused fail2ban to trigger a block, then that block would also stop legitimate user traffic.

    I've already implemented various security tricks and a couple other security plugins, so I'll have to rely on those.

    Other corporate admins take note.


  2. David Anderson
    Posted 2 years ago #

    Hi Paul,

    I'm not the plugin author. But basically, in this scenario you should be deploying or developing a plugin that extracts the true IP address of the original visitor so that WordPress is dealing with the right thing. If you look at the WordPress plugin for Cloudflare, that shows you how it's done.


  3. invisnet
    Plugin Author

    Posted 2 years ago #

    I've just released 2.0.0 which has some *experimental* code to deal with this problem.
    Details are in the readme - let me know how you get on.

Topic Closed

This topic has been closed to new replies.
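
The second reply's suggestion, recovering the original visitor's address behind a proxy, sketched as an added example (not code from WP fail2ban, the Cloudflare plugin, or anyone in this thread). It assumes the proxy appends the address it received the request from to `X-Forwarded-For`; the function name, the `TRUSTED_PROXIES` constant and all addresses are hypothetical or constructed.

```php
<?php
// Added example: hypothetical helper, not WP fail2ban or Cloudflare plugin code.
// Assumption: the proxy appends the address it received the request from
// to X-Forwarded-For. 192.0.2.10 is a constructed address for that proxy.
const TRUSTED_PROXIES = ['192.0.2.10'];

function resolve_client_ip(array $server, array $trusted): string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    // Honour the header only when the TCP peer is a proxy we operate;
    // a direct client could otherwise forge it and get another address banned.
    if (!in_array($remote, $trusted, true)) {
        return $remote;
    }
    $header = $server['HTTP_X_FORWARDED_FOR'] ?? '';
    $hops = array_filter(array_map('trim', explode(',', $header)), 'strlen');
    // Walk right to left: entries on the right were appended by our own
    // proxies, anything further left is client-supplied and unverified.
    foreach (array_reverse($hops) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            return $remote; // malformed header: fall back to the peer address
        }
        if (!in_array($hop, $trusted, true)) {
            return $hop; // first hop that is not one of our proxies
        }
    }
    return $remote; // header missing or listing only our proxies
}

// Constructed requests covering the cases that matter for banning.
$cases = [
    'via proxy'        => ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_X_FORWARDED_FOR' => '203.0.113.7'],
    'forged left hop'  => ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_X_FORWARDED_FOR' => '198.51.100.1, 203.0.113.7'],
    'direct, spoofing' => ['REMOTE_ADDR' => '198.51.100.9', 'HTTP_X_FORWARDED_FOR' => '203.0.113.7'],
    'no header'        => ['REMOTE_ADDR' => '192.0.2.10'],
];
foreach ($cases as $label => $server) {
    printf("%-17s %s\n", $label, resolve_client_ip($server, TRUSTED_PROXIES));
}
```

The resolved address only helps if it is the one written to the log that fail2ban reads. A firewall ban on the web server itself still sees only the proxy's address, so the block has to be enforced at a point where the visitor's address is visible.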
