regex fixed in -hard.conf, but not in -soft.conf | WordPress.org

Resolved coderonline
(@coderonline)

7 years, 8 months ago
The fail regex om wordpress-soft.conf should be:
```
failregex = ^%(__prefix_line)sAuthentication failure for .* from <HOST>( via XML-RPC)?$
            ^%(__prefix_line)sXML-RPC authentication failure from <HOST>$
```
The last part ( via XML-RPC)? is missing in the plugins sample configuration and no attackers get blocked. Watch out, have fun.

https://wordpress.org/plugins/wp-fail2ban/

Viewing 1 replies (of 1 total)

Plugin Author invisnet
(@invisnet)

7 years, 8 months ago

Thanks – I’ve updated all the filters for 3.5.x.

Viewing 1 replies (of 1 total)

The topic ‘regex fixed in -hard.conf, but not in -soft.conf’ is closed to new replies.

Tags

In: Plugins
1 reply
2 participants
Last reply from: invisnet
Last activity: 7 years, 8 months ago
Status: resolved