#wordpress #fail2ban Odpaliłem na serwerze fail2bana z regułkami pod wp-login, oto rezultat:
[ciach jeszcze 6 ekranów]
2021-01-18 21:59:05,096 fail2ban.actions [6304]: NOTICE [wordpress] Ban 52.172.153.7
2021-01-18 21:59:05,307 fail2ban.actions [6304]: NOTICE [wordpress] Ban 52.188.153.36
2021-01-18 21:59:05,519 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.37.198.243
2021-01-18 21:59:05,731 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.38.134.219
2021-01-18 21:59:05,944 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.38.65.127
2021-01-18 21:59:06,156 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.39.16.153
2021-01-18 21:59:06,369 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.80.228.19
[ciach jeszcze 6 ekranów]
2021-01-18 21:59:05,096 fail2ban.actions [6304]: NOTICE [wordpress] Ban 52.172.153.7
2021-01-18 21:59:05,307 fail2ban.actions [6304]: NOTICE [wordpress] Ban 52.188.153.36
2021-01-18 21:59:05,519 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.37.198.243
2021-01-18 21:59:05,731 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.38.134.219
2021-01-18 21:59:05,944 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.38.65.127
2021-01-18 21:59:06,156 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.39.16.153
2021-01-18 21:59:06,369 fail2ban.actions [6304]: NOTICE [wordpress] Ban 54.80.228.19
Mam serwer nginx + stoi on za cloudflare. Mam ustawione setrealip_from aby znać prawdziwe ip ludzi. Wczoraj zainstalowałem sobie fail2ban. W konfigu nginxa mam że jak ktoś przekroczy limit połączeń to ma błąd 503 (limiting requests, excees by zone bla bla bla).
Według tego mam ustawione banowane w fail2ban, łapie on te eventy i banuje, wsadza do iptables, problem