Category Archives: Wordpress

Prevent WordPress Brute-force attacks with fail2ban

Introduction

If you run WordPress on a Raspberry Pi, the chances are very high that you will see many login attempts and failed logins against your wp-login.php file.

In my case all these attempts showed up in my website statistics as unique IPs that had many thousands of hits on my site. It is not only a security problem, it also has a small impact on the performance of your site; I was lucky that my Pi 3 didn't complain and was fast enough 😉

You can use the filters and jails in this post on other Linux distributions, but fail2ban and the log files may be in a different place. I made this work on a Pi 3 with Raspbian (Debian).

Setting up fail2ban jail and filter rules

I assume that you already have fail2ban installed.

Open the jail configuration

sudo vi /etc/fail2ban/jail.d/defaults-debian.conf

Put this section in the file and save it.

[wordpress]
enabled = true
port = http,https
filter = wordpress
action = iptables-multiport[name=wordpress, port="http,https", protocol=tcp]
logpath = /var/log/apache2/*.log
maxretry = 30
findtime = 10800 ; 3 hours
bantime = 86400 ; 1 day

Make a filter file for WordPress

sudo vi /etc/fail2ban/filter.d/wordpress.conf

Put this section in the file and save it. Note that the Apache access log does not record whether a login succeeded or failed, so this filter counts every POST to wp-login.php and xmlrpc.php, including your own logins and legitimate XML-RPC clients (the mobile app, Jetpack, pingbacks). Keep maxretry well above what a normal user produces within findtime, or those clients will get banned too.

[Definition]
failregex = ^<HOST> .* "POST .*wp-login.php
            ^<HOST> .* "POST .*xmlrpc.php
ignoreregex =

Restart fail2ban

sudo systemctl restart fail2ban

Before restarting you can test the filter against your real access log with fail2ban-regex (pass the log file and the filter file as its two arguments) to see how many lines match and which IPs would be counted. After the restart, fail2ban-client status wordpress shows the jail's current ban list.
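To see what the jail above actually does with an access log, here is an added Python re-implementation of its matching and counting logic (example code written for this page, not fail2ban's own code) run over a constructed Apache combined-log sample. It uses the same failregex lines, maxretry, findtime and bantime as the configuration above; the `<HOST>` tag is approximated with a plain `\S+` capture, and the log lines and IP addresses (from the 203.0.113.0/24 and 198.51.100.0/24 documentation ranges) are made up for the demonstration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Jail parameters copied from the [wordpress] section above.
MAXRETRY = 30
FINDTIME = timedelta(seconds=10800)   # 3 hours
BANTIME = timedelta(seconds=86400)    # 1 day

# The two failregex lines from filter.d/wordpress.conf. fail2ban expands <HOST>
# to an IP/hostname pattern and captures it; here a plain \S+ group stands in.
FAILREGEX = [
    re.compile(r'^(?P<host>\S+) .* "POST .*wp-login\.php'),
    re.compile(r'^(?P<host>\S+) .* "POST .*xmlrpc\.php'),
]
# Apache combined-log timestamp, e.g. [10/Oct/2000:13:55:36 -0700]
TIMESTAMP = re.compile(r'\[([^\]]+)\]')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"


def match_line(line):
    """Return (host, timestamp) if the line matches a failregex, else None."""
    for rx in FAILREGEX:
        m = rx.match(line)
        if m:
            ts = TIMESTAMP.search(line)
            if ts is None:
                return None
            return m.group("host"), datetime.strptime(ts.group(1), TS_FORMAT)
    return None


def find_bans(lines):
    """Replay log lines through the jail: a host is banned once it produces
    MAXRETRY matching lines within FINDTIME. Returns {host: ban_expiry}."""
    hits = defaultdict(deque)   # host -> timestamps of recent matches
    bans = {}
    for line in lines:
        hit = match_line(line)
        if hit is None:
            continue             # GETs and other URLs never count
        host, ts = hit
        if host in bans and ts < bans[host]:
            continue             # already banned; the firewall would drop it
        window = hits[host]
        window.append(ts)
        while window and ts - window[0] > FINDTIME:
            window.popleft()     # forget matches older than findtime
        if len(window) >= MAXRETRY:
            bans[host] = ts + BANTIME
            window.clear()
    return bans


def apache_line(host, ts, method, path, status):
    """Build a constructed Apache combined-log line (sample data, not a real log)."""
    stamp = ts.strftime(TS_FORMAT)
    return (f'{host} - - [{stamp}] "{method} {path} HTTP/1.1" {status} 512 '
            f'"-" "Mozilla/5.0"')


def build_sample_log():
    """Constructed traffic: one bot hammering wp-login.php and one real user."""
    start = datetime(2018, 3, 1, 12, 0, 0, tzinfo=timezone.utc)
    lines = []
    for i in range(MAXRETRY):
        # Bot: 30 POSTs inside ten minutes, enough to trip maxretry
        lines.append(apache_line("203.0.113.5", start + timedelta(seconds=20 * i),
                                 "POST", "/wp-login.php", 200))
    # GET requests to the login page are not matched by the filter
    lines.append(apache_line("203.0.113.9", start, "GET", "/wp-login.php", 200))
    # A legitimate admin: one login and one XML-RPC call; both are counted,
    # but two hits in three hours stay far below maxretry
    lines.append(apache_line("198.51.100.7", start, "POST", "/wp-login.php", 302))
    lines.append(apache_line("198.51.100.7", start + timedelta(hours=1),
                             "POST", "/xmlrpc.php", 200))
    return lines


if __name__ == "__main__":
    for host, until in find_bans(build_sample_log()).items():
        print(f"ban {host} until {until.isoformat()}")
```

The point the replay makes visible is that the jail is a rate limiter on POSTs, not a failed-login detector: the admin's successful login (HTTP 302) is counted exactly like the bot's attempts, so the only thing separating the two is volume within findtime.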

WordPress | Writing Code in Your Posts

If you want to use special characters in your posts that overlap with HTML syntax, they will be hidden, because the editor treats them as HTML code.

But there is a solution: use character entities in your source instead. Switch to the Text view of the editor and replace the characters there.

Here is a list of the most used special character entities:

< = &lt; or &#60;
> = &gt; or &#62;
/ = &#47;
] = &#93;
[ = &#91;
" = &quot; or &#34;
' = &#39;
“ = &ldquo; or &#8220;
” = &rdquo; or &#8221;
‘ = &lsquo; or &#8216;
’ = &rsquo; or &#8217;
& = &amp; or &#38;