anonymous WP-plugins
-
Dear Support,
I have a little problem with some anonymous WP-plugins or themes.
My remote IP, for example, is 192.168.1.123 – look at my logs:/var/log/auth.log
Aug 22 22:27:10 box wordpress(xxx)[xxx]: Authentication failure for admin from 192.168.0.0
Aug 22 22:27:18 box wordpress(xxx)[xxx]: Authentication failure for admin from 192.168.0.0
Aug 22 22:27:26 box wordpress(xxx)[xxx]: Authentication failure for admin from 192.168.0.0/var/log/fail2ban.log
2016-08-22 22:27:26 fail2ban.actions[xxx]: WARNING [wordpress-soft] Ban 192.168.0.0
2016-08-22 22:42:27 fail2ban.actions[xxx]: WARNING [wordpress-soft] Unban 192.168.0.0It does not work like that! ??
A small idea is, i put a variable in the configuration file wp-config.php
define(‘WP_FAIL2BAN_ORIGINAL_REMOTE_ADDR’, $_SERVER[‘REMOTE_ADDR’]);
and in the remote_addr function before the last return value following code is inserted
if (defined(‘WP_FAIL2BAN_ORIGINAL_REMOTE_ADDR’)) {
return WP_FAIL2BAN_ORIGINAL_REMOTE_ADDR;
}This is a simple hack, and it works great with my fail2ban!
I hope to see this changes in the next version of WP fail2ban. ??Thank you very much!
greetings,
pruno
- The topic ‘anonymous WP-plugins’ is closed to new replies.