I have installed the plugin on my site and activated it. And now… Well, what next? All the guides I found seem to include Ubuntu or Plesk, and paths that do not exist. Any simple explanation available somewhere?
Welcome @TempUsername - hopefully you’ll have time to come up with a “permanent” username
I’ve always thought of WPf2b as an add-on for people who already have fail2ban
installed and working. I agree that starting the other way around very much is a case of “well, what next?”.
The short answer to your question is: not that I’m aware of.
I’ll take another look.
I stuck up at same place: Cannot find jail.local file in WP directories and there is neither /var/log/auth.log path (yes, that would be something on my Ubuntu)
It also seems if add defining lines in wp-config.php (ie define(‘WP_FAIL2BAN_BLOCK_USER_ENUMERATION’, true); ) that will not appear (read out) in WPFail2ban plugin (might it is not running). I already clean caches, deactivate/activate the plugin without any changes.
Yeah, you should have some extra lines in documentation for idiots like us :))))
I’ve given this some thought over the last few days, and I’ve come up with a few things I’m going to do. However, what I’m not going to do is try to document how to configure fail2ban
on various systems - there are simply too many permutations; unless O’Reilly want to offer me a book deal, it’s too much for me to tackle.
On the positive side:
-
WPf2b
is pre-installed on Digital Ocean’s WordPress droplets; I’ll put some docs together on how to get the most out of that. There’s nothing wrong with the way they’ve configured it, but you can do more. -
A
fail2ban
configuration “Wizard” would be a good fit for the Remote Tools add-on, so I’ll add that. -
I’ve not decided on which platform to use yet (suggestions welcome), but I’ll offer a “Configure My Server” service via something like People Per Hour or Fiverr.
Any other ideas and suggestions are welcome!
As I understand it from having read the documentation, there is no ‘one size fits all’ config. All well & good but there really ought to be mention for those of using the plugin with hosting that DOES_NOT include access to root, which would probably resolve a lot of issues on this board. It seems to me that the app ASSumes that 100% of users have root access.
It’s possible the jail.local doesn’t exist because I can’t find it either. Granted, I’m using hosting that DOES_NOT incl. root access but the app doesn’t take that particular aspect into consideration. The documentation assume 100% of users have root access which probably accounts for a large percentage of the issues found on this board.
Hi @wp-fail2ban, re your comment -
WPf2b
is pre-installed on Digital Ocean’s WordPress droplets; I’ll put some docs together on how to get the most out of that. There’s nothing wrong with the way they’ve configured it, but you can do more.
I am using the Digital Ocean WordPress droplet (one-click install) and I am interested to know what more can be done? There’s only 3 filters enabled [sshd] [wordpress-soft] [wordpress-hard] and it seems under used when there’s 90 filters available in f2b filter.d folder.
Have you written a guide anywhere on how to improve fail2ban on the DigitalOcean WordPress droplet?
Thank you