Plugin / Authentication and xmlrpc log writer

Federico Rota
Download from WordPress

Frequently Asked Questions (FAQ)

You can defines the options in the AX Logwriter Settings page. Error Type: define the error type Options: SYSTEM -> write into SYSLOG; APACHE -> write into APCACHE ERROR LOG; CUSTOM -> write into log file defined into admin panel; CUSTOM Error Log Path: error log file absolute path ( only in CUSTOM mode ) e.g. /your/error/logs/path/ CUSTOM Error Log Name: error log file name ( only in CUSTOM mode ) e.g. sites_auth_errors.log TIMEZONE: time zone to use ( only if current_time() WP function not exists ) e.g. Europe/Rome Log each pingback request: enable the log of each pingback request Stop User Enumeration: enable the log of user enumeration attempts. Make also a redirect to the site home Remove WP version and generator tag: remove the wordpress version number and generator meta from the head section of your site Kill multiple xmlrpc request on xmlrpc login error: kill multiple requests in a single xmlrpc call returning a 401 code on xmlrpc login error to prevent server overloading on brute force attack by xmlrpc. Disable xmlrpc authenticated methods: disable all xmlrpc methods that require authentication in order to avoid brute force attack by xmlrpc. Use this feature if you don’t need these xmlrpc methods.
Create new filter called wp-auth-and-xmlrpc.conf into /filter.d path of fail2ban Filter content: [Definition] failregex = ^.*Authentication failure on .* from .*$ ^.*Pingback error .* generated on .* from .*$ ignoreregex = Create new jail called wp-auth-and-xmlrpc.conf into /jail.d path of fail2ban Jail content: [wp-auth-and-xmlrpc] enabled = true logpath = /storage/www/logs/sites_auth_errors.log maxretry = 5 bantime = 600 findtime = 60 filter = wp-auth-and-xmlrpc action = %(action_mwl)s logpath must exists before activate the jail and need to be the same used for this plugin Reload or restart fail2ban

Ratings

5
1 reviews

Rating breakdown

Details Information

Version

1.2.2

First Released

16 Dec, 2015

Total Downloads

2,697

Wordpress Version

3.5.1 or higher

Tested up to:

4.7.15

Require PHP Version:

-

Tags

Brute Force fail2ban security

Contributors

Federico Rota

Languages

The plugin hasn't been transalated in any language other than English.

DIRECTORY DISCLAIMER

The information provided in this THEME/PLUGIN DIRECTORY is made available for information purposes only, and intended to serve as a resource to enable visitors to select a relevant theme or plugin. wpSocket gives no warranty of any kind, express or implied with regard to the information, including without limitation any warranty that the particular theme or plugin that you select is qualified on your situation.

The information in the individual theme or plugin displayed in the Directory is provided by the owners and contributors themselves. wpSocket gives no warranty as to the accuracy of the information and will not be liable to you for any loss or damage suffered by you as a consequence of your reliance on the information.

Links to respective sites are offered to assist in accessing additional information. The links may be outdated or broken. Connect to outside sites at your own risk. The Theme/Plugin Directory does not endorse the content or accuracy of any listing or external website.

While information is made available, no guarantee is given that the details provided are correct, complete or up-to-date.

wpSocket is not related to the theme or plugin, and also not responsible and expressly disclaims all liability for, damages of any kind, arising out of the use, reference to, or reliance on, any information or business listed throughout our site.

Keep Leading Your Followers!
Share it for them.