From 396f20a14ced6212337a396d5621576788e2862c Mon Sep 17 00:00:00 2001
From: Pete
Date: Tue, 29 Jan 2019 23:57:52 +0100
Subject: [PATCH] Update wp-auth.conf to include some commonly attacked
WordPress URLs
---
docs/hardening/anti-bruteforce/wp-auth.conf | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/docs/hardening/anti-bruteforce/wp-auth.conf b/docs/hardening/anti-bruteforce/wp-auth.conf
index 2acad450c..1fc420c87 100644
--- a/docs/hardening/anti-bruteforce/wp-auth.conf
+++ b/docs/hardening/anti-bruteforce/wp-auth.conf
@@ -2,4 +2,9 @@
# This goes into /etc/fail2ban/filter.d/wp-auth.conf
#
[Definition]
- failregex = ^ .* "POST /wp-login.php
\ No newline at end of file
+failregex = ^ .* "POST /wp-login.php
+ ^ .* "POST /wordpress/wp-login.php
+ ^ .* "POST /wp/wp-login.php
+ ^ .* "GET /login_page.php
+#ignoreregex =
+
\ No newline at end of file
--
GitLab