wordpress插件之WP fail2ban

WP fail2ban的作者是Charles Lecklider,目前有50,000+个有效安装。已经Tested with 5.4.1版本的wordpress。
fail2ban is one of the simplest and most effective security measures you can implement to prevent brute-force attacks.
WP fail2ban logs all login attempts – including via XML-RPC, whether successful or not, to syslog using LOG_AUTH. For example:
Oct 17 20:59:54 foobar wordpress(www.example.com)[1234]: Authentication failure for admin from
Oct 17 21:00:00 foobar wordpress(www.example.com)[2345]: Accepted password for admin from

WPf2b comes with three fail2ban filters: wordpress-hard.conf, wordpress-soft.conf, and wordpress-extra.conf. These are designed to allow a split between immediate banning (hard) and the traditional more graceful approach (soft), with extra rules for custom configurations.

NEW – Remote Tools Add-on
The Remote Tools add-on provides extra features without adding bloat to the core plugin. For more details see the add-on page.
NB: Requires PHP >= 5.6

NEW – Support for 3rd-party Plugins
Version 4.2 introduces a simple API for authors to integrate their plugins with WPf2b, with 2 experimental add-ons:

Contact Form 7
Gravity Forms

NB: Requires PHP >= 5.6

CloudFlare and Proxy Servers
WPf2b can be configured to work with CloudFlare and other proxy servers. For an overview see WP_FAIL2BAN_PROXIES.

WPf2b can log comments (see WP_FAIL2BAN_LOG_COMMENTS) and attempted comments (see WP_FAIL2BAN_LOG_COMMENTS_EXTRA).

WPf2b logs failed pingbacks, and can log all pingbacks. For an overview see WP_FAIL2BAN_LOG_PINGBACKS.

WPf2b can log comments marked as spam. See WP_FAIL2BAN_LOG_SPAM.

Block User Enumeration
WPf2b can block user enumeration. See WP_FAIL2BAN_BLOCK_USER_ENUMERATION.

Work-Arounds for Broken syslogd
WPf2b can be configured to work around most syslogd weirdness. For an overview see WP_FAIL2BAN_SYSLOG_SHORT_TAG and WP_FAIL2BAN_HTTP_HOST.

Blocking Users
WPf2b can be configured to short-cut the login process when the username matches a regex. For an overview see WP_FAIL2BAN_BLOCKED_USERS.

mu-plugins Support
WPf2b can easily be configured as a must-use plugin – see Configuration.

微慕WordPress小程序商城 » wordpress插件之WP fail2ban


立即查看 了解详情