Securing WordPress with Fail2Ban
WordPress’s popularity gives rise to a problem. There are tonnes of hackers trying to break into your WordPress sites right now! There are fantastic WordPress security plugins like Wordfence, which I can highly recommend. Wordfence can already block IP addresses for repeat login failures on your WordPress site, but wouldn’t it be nice if we could block those same IPs from EVERY website on our server, including webmail and phpMyAdmin?
Enter fail2ban. With WebCP 2.0.0 we’ve moved from our previous log file monitor to fail2ban. Fail2ban is an amazing log file monitor: it watches the log files of the server and its services and can then be set to block the offending IP addresses in the firewall.
Install WP Fail2ban Plugin
WordPress does not have a log file out of the box, so search the plugin screen for WP fail2ban by Charles Lecklider, then install and activate it.
That’s all you have to do. WebCP 2.x.x already has the fail2ban filter config file for WordPress and the jail set up.
Now when a repeat offender tries to break into your WordPress site on WebCP, they’ll get banned directly on the server’s firewall.
This is not only the best form of securing your individual site but it also means that they won’t be able to access any other sites on your server for the duration of their ban time.
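To make the counting behind a ban concrete, here is an added example (not WebCP's or the plugin's own code) that replays the same kind of decision fail2ban makes: an IP is banned once it reaches `maxretry` failures inside `findtime`, no matter which site on the server the failures hit. The log lines are constructed, the syslog message format is an assumption about what the plugin writes, and the threshold values are sample values rather than WebCP's defaults.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines; the message format is an assumption, not taken from the page.
SAMPLE_LOG = """\
Mar 10 12:00:01 web1 wordpress(blog.example.com)[2101]: Authentication failure for admin from 203.0.113.7
Mar 10 12:00:05 web1 wordpress(shop.example.com)[2102]: Authentication failure for admin from 203.0.113.7
Mar 10 12:00:09 web1 wordpress(blog.example.com)[2101]: Accepted password for alice from 198.51.100.4
Mar 10 12:00:12 web1 wordpress(blog.example.com)[2103]: Authentication failure for root from 203.0.113.7
Mar 10 12:20:00 web1 wordpress(blog.example.com)[2104]: Authentication failure for bob from 198.51.100.9
Mar 10 12:45:00 web1 wordpress(blog.example.com)[2105]: Authentication failure for bob from 198.51.100.9
Mar 10 13:10:00 web1 wordpress(blog.example.com)[2106]: Authentication failure for bob from 198.51.100.9
"""

# Hypothetical pattern for the assumed format: timestamp, host, wordpress(site)[pid], message.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ wordpress\((?P<site>[^)]+)\)\[\d+\]: "
    r"Authentication failure for .* from (?P<ip>\d{1,3}(?:\.\d{1,3}){3})$"
)

def find_bans(log_text, maxretry=3, findtime=timedelta(minutes=10), year=2024):
    """Return {ip: sites hit so far} for IPs reaching maxretry failures inside findtime."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    sites = defaultdict(set)     # ip -> every site the IP has failed a login on
    banned = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        window = recent[ip]
        window.append(ts)
        sites[ip].add(m["site"])
        while ts - window[0] > findtime:
            window.popleft()  # drop failures older than findtime
        if len(window) >= maxretry and ip not in banned:
            banned[ip] = sorted(sites[ip])
    return banned

if __name__ == "__main__":
    for ip, hit in find_bans(SAMPLE_LOG).items():
        print(f"ban {ip} (failures seen on: {', '.join(hit)})")
```

In the sample, the address that fails three logins within seconds across two sites is banned, while the one that fails once every 25 minutes never fills the window.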