Support » Plugin: WP fail2ban » Great idea, some good code, not finished

  • First: the best thing you can do for the security and performance of your WordPress site is install fail2ban on your server with reasonably tight settings (I’d allow more than the default three tries and ban for much longer than an hour). The next best step is to add WordPress login to the fail2ban system.

    WP fail2ban looks after this. The idea is great, the code is not bad but there are holes in it. Almost everyone who installs the WP fail2ban has to do a lot of unnecessary changes for compatibility. Example here. We spent a couple of hours troubleshooting WP fail2ban for ourselves.

    Really invisnet should go the last mile and make WP fail2ban work out of the box for almost everyone.

    We’re willing to contribute if there’s an easy path to collaboration. Emailing code changes would not qualify as an easy path. When invisnet or we fix WP fail2ban, we’re happy to raise our review to 5 stars. If you’re not a developer (with time on your hands) be careful about putting up WP fail2ban as is. It probably won’t do anything without changes.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Why not just fork it and fix it. It’s open source. Please make this plugin work for all systems.

    I use centos 7 with cpanel and it’s not working

    Hi Leisegang,

    We’ve got lots of plugins to look after already right now. We’ve asked Invisnet to put up wpfail2ban on a standard collaboration platform like Github. It’s really up to the plugin author. We won’t be publishing a fork in the near future, although we’ve included some similar fail2ban code in our BusinessPress plugin (designed to make agency life easier controlling client access to updates).

    Thanks.

    @foliovision I noticed this redux version, perhaps it’s more likely to follow the line of development you’re suggesting…
    https://wordpress.org/plugins/wp-fail2ban-redux/

    Hi Majick,

    Thanks for the tip.

    We improved fail2ban and added it to our BusinessPress plugin which will also help you control updates and admin notices as well as give you access to hidden preferences to disable extras like emojis, oEmbed, REST API and XML RCP.

    BusinessPress is a single solution designed to fix what’s wrong with WordPress to save installing twenty different plugins to bring a WordPress installation under control.

    FWIW https://github.com/invisnet/wp-fail2ban

    Works great for me on Ubuntu server.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Great idea, some good code, not finished’ is closed to new replies.