WireFlare WordPress Fail2Ban Plugin creates a syslog facility to log invalid login attempts in a custom file for use with Fail2Ban.
PLEASE READ
This plugin has no options and will not work without having server side root access.
You must follow our guide for setting up the server to make this plugin do it's job. The guide can be found here:
WordPress Login Security with Fail2Ban
What this plugin does:
This plugin constructs a syslog facility called local1. It then hooks into the WP login failed action. Any invalid login attempts are logged with the ip address, username used and website that it’s coming from. These invalid attempts are parsed by Fail2Ban to provide a proactive method to block intrusion attempts.
This plugin is different from other plugins in that we don't save to the syslog. A custom log is created. This reduces the CPU load on the server and keeps a log dedicated to invalid WordPress login attempts. These log entries can be used to block repeat offenders as well as place temporary blocks on anyone attempting to break your website. The log file can also be used across many different websites and transferred between servers.
Visit us at
WireFlare
- Unzip the download package
- Upload
wp-fail2ban-logging
to the /wp-content/plugins/
directory
- Activate the plugin through the 'Plugins' menu in WordPress
To getting started with the plugin API, please read
this blog post.