有没有一种方法来设置禁止阻止太多次打wp-login的IP?
我曾尝试添加这个jail.local:
[apache-wp-login] enabled = true action = iptables[name=wplogin, port=http, protocol=tcp] sendmail-whois[name=wplogin, dest=root, sender=fail2ban@example.com] filter = apache-wp-login logpath = /var/log/apache2/other_vhosts_access.log maxretry = 5 然后在/etc/fail2ban/filter.d/apache-wp-login.conf中添加一个定义:
[Definition] # Option: failregex # Notes.: Regexp to catch Apache dictionary attacks on WordPress wp-login # Values: TEXT # failregex = [\w\.\-]+ [\w\.\-]+ .*] "POST /wp-login.php
仍然越来越wplogin尝试超过maxentry限制…可能是因为我使用组合的日志格式,而不是共同的?
我修改了我的WordPress主题functions.php文件添加以下内容:
add_action('wp_login_failed', 'log_wp_login_fail'); // hook failed login function log_wp_login_fail($username) { error_log("WP login failed for username: $username"); }
失败login现在写入我的错误日志中。
我的apache-wp-config.conf如下所示: [Definition] failregex = [[]client <HOST>[]] WP login failed.* ignoreregex =
我的jail.local包含以下内容: [apache-wp-login] enabled = true filter = apache-wp-login action = iptables-multiport[name=apache-wp-login, port="http,https"] sendmail-whois[name=apache-wp-login, dest=root, [email protected]] logpath = /home/*/logs/*error.log bantime = 720 maxretry = 6
更多信息在这个网站