logfiles for the domains and fail2ban

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • logfiles for the domains and fail2ban

      i was playing with fail2ban and a rule for wordpress sites and hacking the admin of the sites
      unfortunatly its not suiteble for Easyscp

      it uses access.log but Easyscp creates domain.com-access.log

      is there a way for me to change that?

      filter rule =
      • # WP brute force attacks filter
      • [Definition]
      • failregex = ^<HOST> .* "POST .*wp-login.php
      • ignoreregex =
      # save as wp-login.conf

      jail.local =
      • [wp-login]enabled = true
      • port = http,https
      • action = iptables-multiport[name=WP, port="http,https", protocol=tcp] sendmail-whois[name=fail2ban-wp-bruteforce, dest=your@email.com]
      • filter = wp-login
      • logpath = /var/www/virtual/domain.com/logs/*/access*log
      • maxretry = 5

      # test command
      fail2ban-regex /var/www/virtual/domain.com/logs/access.log /etc/fail2ban/filter.d/wp-login.conf
      (does not work only with the full access log file name like : domainname.com-access.log)
      8) wt nx mr lr snl 8)

      The post was edited 2 times, last by peppi ().

    • thnx m8

      1 more thing
      i have many wordpress sites on the servers how can i adjust it so all the sites are protected

      like i have
      1. var/www/virtual/domain.com
      2. var/www/virtual/asking.com
      3. var/www/virtual/mein.dobey
      4. var/www/virtual/domain.tv
      etc etc etc

      so i think i have to adjust this line to get it to work for all domains
      logpath = /var/www/virtual/domain.com/logs/*/access*log
      8) wt nx mr lr snl 8)