Write all login attempts to syslog for integration with fail2ban.
Latest wordpress install ( 4.1 ) worked like a charm. Had to make a modification to the WordPress.cnf file since I'm on centos, but that's expected.
Little tweaking on the Debian side (not the plugin's fault) and works perfectly. Your mileage may vary due to server configuration but the plugin definitely does what it says. No naging, no "pro-version", no BS.
Thanks for the good work!
I would need a much more expensive VPS without this tool.
It lowers load on server.
A few days ago I disabled the plugin by mistake and the server load increased to 2 within some days.
Reenabling the plugin reduced it down to usual 0,25 within minutes.
Thanks for your work on this plugin, much appreciated! It works flawlessly. :)
Does exactly what is featured on the box. Installation a breeze. Well done.
Probably not required in a shared hosting setup.
Definately the right way to go for advanced security solutions for WP. Much better for advanced users to use Fail2Ban solutions instead of fully blown Security Plugins as the OS level is much more performant than any plugin could ever be.
Thanks a lot for the great Job and the usefull "addons" :-)
only little remark:
in jail.local it should be:
[wordpress] enabled = true port = http,https filter = wordpress banaction = iptables-allports action = %(action_mwl)s logpath = /var/log/auth.log
My server was getting many attacks until I installed this plugin.
Using fail2ban is a great way of preventing too much load going to Apache.
Note on Ubuntu 12.04 I had to change something for xmlrpc blocking to work, see details in the support tab.
great idea rolling this all up together.
I had to play with the jail.local config block a bit, but works great after it's setup.
You must log in to submit a review. You can also log in or register using the form near the top of this page.