From 199c0d896911ae93b439e1af215b2fde22f2dafa Mon Sep 17 00:00:00 2001
From: Pete
Date: Sat, 15 Jun 2019 01:57:38 +0200
Subject: [PATCH] Replace wp-auth.conf
---
docs/hardening/anti-bruteforce/wp-auth.conf | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/docs/hardening/anti-bruteforce/wp-auth.conf b/docs/hardening/anti-bruteforce/wp-auth.conf
index 1fc420c87d..cc22adda28 100644
--- a/docs/hardening/anti-bruteforce/wp-auth.conf
+++ b/docs/hardening/anti-bruteforce/wp-auth.conf
@@ -1,10 +1,26 @@
+# +++++++++++++++++++++++++++++++++++++++++++++++++++++
+# + NetworkSEC / NwSEC Layer 7 Brute Force Protection +
+# +++++++++++++++++++++++++++++++++++++++++++++++++++++
+#
+# v1.1 150619
+#
+# BSD License
+#
+# S/W: Fail2ban or NWS ThreatBlock™ ¹
+#
+# Application: WordPress
+#
+# Description: Looks for some login/exploit attempts
+#
#
-# This goes into /etc/fail2ban/filter.d/wp-auth.conf
#
[Definition]
failregex = ^ .* "POST /wp-login.php
^ .* "POST /wordpress/wp-login.php
^ .* "POST /wp/wp-login.php
^ .* "GET /login_page.php
+ ^ .* "POST /xmlrpc.php
#ignoreregex =
-
\ No newline at end of file
+#
+# ¹ j/k
+#
--
GitLab