{"id":7720,"date":"2021-03-12T00:08:56","date_gmt":"2021-03-11T21:08:56","guid":{"rendered":"https:\/\/kifarunix.com\/?p=7720"},"modified":"2024-03-19T19:21:07","modified_gmt":"2024-03-19T16:21:07","slug":"protect-wordpress-against-brute-force-attacks-using-fail2ban","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/protect-wordpress-against-brute-force-attacks-using-fail2ban\/","title":{"rendered":"Protect WordPress Against Brute force Attacks Using Fail2ban"},"content":{"rendered":"<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"970\" height=\"398\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/fail2ban-protect-wordpress-logins.png\" alt=\"Protect WordPress Against Brute force Attacks Using Fail2ban\" class=\"wp-image-8139\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/fail2ban-protect-wordpress-logins.png?v=1615484928 970w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/fail2ban-protect-wordpress-logins-768x315.png?v=1615484928 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/fail2ban-protect-wordpress-logins-150x62.png?v=1615484928 150w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/fail2ban-protect-wordpress-logins-300x123.png?v=1615484928 300w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/fail2ban-protect-wordpress-logins-696x286.png?v=1615484928 696w\" sizes=\"(max-width: 970px) 100vw, 970px\" \/><\/figure><\/div>\n\n\n<p>In this tutorial, you will learn about how to protect WordPress against brute force attacks using Fail2ban. <a aria-label=\"Fail2ban (opens in a new tab)\" href=\"https:\/\/www.fail2ban.org\/wiki\/index.php\/Main_Page\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Fail2ban<\/a> is a python based intrusion prevention tool that;<\/p>\n\n\n\n<p><em>monitors log files (e.g. \/var\/log\/auth.log,\/var\/log\/apache\/access.log) and temporarily or persistently bans failure-prone addresses by updating existing firewall rules. Fail2ban allows easy specification of different actions to be taken such as to ban an IP using iptables or hostsdeny rules, or simply to send a notification email.<\/em><\/p>\n\n\n\n<p><em>By default, it comes with filter expressions for various services (sshd, apache, proftpd, sasl, etc.) but configuration can be easily extended for monitoring any other text file. All filters and actions are given in the config files, thus fail2ban can be adopted to be used with a variety of files and firewalls. Following recommends are listed:<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><em>iptables\/nftables &#8212; default installation uses iptables for banning. nftables is also supported. You most probably need it<\/em><\/li>\n\n\n\n<li><em>whois &#8212; used by a number of mail-whois actions to send notification emails with whois information about attacker hosts. Unless you will use those you don&#8217;t need whois<\/em><\/li>\n\n\n\n<li><em>python3-pyinotify &#8212; unless you monitor services logs via systemd, you need pyinotify for efficient monitoring for log files changes.<\/em><\/li>\n<\/ul>\n\n\n\n<p>Are you using WordPress and looking for a professional WordPress website builder? Look no further since <a href=\"https:\/\/trk.elementor.com\/8uczdzzsxgza-webcreatorsred\" target=\"_blank\" rel=\"noreferrer noopener\">Elementor can help you create beautiful pages<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Using Fail2ban to Protect WordPress Against Brute force Attacks<\/h2>\n\n\n\n<p>As much as there are multiple ways of protecting WordPress logins against brute force attacks such as <a aria-label=\" (opens in a new tab)\" href=\"https:\/\/kifarunix.com\/restrict-access-to-wordpress-login-page-to-specific-ips-with-libmodsecurity\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Restricting Access to WordPress Login Page to Specific IPs with libModSecurity<\/a>, this guide will focus on the use of Fail2ban for that purpose.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Installing Fail2ban<\/h3>\n\n\n\n<p>To begin with, install Fail2ban on your host system. Installation of Fail2ban varies from one Linux distribution to the other.<\/p>\n\n\n\n<p>If you are on an Ubuntu\/Debian system, simply run the command below to install Fail2ban;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt update<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt install fail2ban<\/code><\/pre>\n\n\n\n<p>On CentOS and similar distros, run the commands below to install Fail2ban;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>dnf install epel-release<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>dnf update<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>dnf install fail2ban<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Configure Fail2ban to Protect WordPress Authentications against Brute force attacks<\/h3>\n\n\n\n<p>First off, you need to know that Fail2ban <em>monitors log files (e.g. \/var\/log\/auth.log,\/var\/log\/apache\/access.log) and temporarily or persistently bans failure-prone addresses by updating existing firewall rules. Fail2ban allows easy specification of different actions to be taken such as to ban an IP using iptables or hostsdeny rules<\/em>&#8230;<\/p>\n\n\n\n<p>To effectively ban or block offending IP addresses, Fail2ban uses <strong><code>jails<\/code><\/strong> which is basically a combination of various <strong><code>filters<\/code><\/strong> and <strong><code>actions<\/code><\/strong>. <strong><code>Fail2ban filters<\/code><\/strong> are just but regular that matches a specific pattern in the respective log file being monitored. The can pattern can correspond to a failed login attempt, request status code, request URI or any other suspicious activity. <strong><code>Fail2ban actions<\/code><\/strong> on the other hand define commands that are executed when the filter matches a specified pattern such as suspicious IP address.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Create Fail2ban WordPress Jail<\/h4>\n\n\n\n<p>   Fail2ban has four configuration file types:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><code>fail2ban.conf<\/code><\/strong>: Fail2Ban global configuration (such as logging)<\/li>\n\n\n\n<li><strong><code>filter.d\/*.conf<\/code><\/strong>: Filters specifying how to detect authentication failures<\/li>\n\n\n\n<li><code><strong>action.d\/*.conf<\/strong><\/code>: Actions defining the commands for banning and unbanning of IP address<\/li>\n\n\n\n<li><code><strong>jail.conf<\/strong><\/code>: Jails defining combinations of Filters with Actions.<\/li>\n<\/ul>\n\n\n\n<p>Note: <strong><em>It is recommended that *.conf files should remain unchanged to ease upgrades. If needed, customizations should be provided in *.local files.<\/em><\/strong><\/p>\n\n\n\n<p>Copy the <code>jail.conf<\/code> file to <code><strong>jail.local<\/strong><\/code> file;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>cp \/etc\/fail2ban\/jail.{conf,local}<\/code><\/pre>\n\n\n\n<p>Next, edit the <code><strong>jail.local<\/strong><\/code> file and set the default parameters under the <code><strong>[DEFAULT]<\/strong><\/code> section.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>vim \/etc\/fail2ban\/jail.local<\/code><\/pre>\n\n\n\n<p>Some of the parameters we will adjust include;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>ignoreip:<\/strong>&nbsp;specifies IP addresses or hostnames to ignore.<\/li>\n\n\n\n<li><strong>bantime:<\/strong>&nbsp;defines the duration in seconds of how long a host is banned. The default is 600 seconds (10 minutes).<\/li>\n\n\n\n<li><strong>maxretry:<\/strong>&nbsp;defines the number of failures before a is banned.<\/li>\n\n\n\n<li><strong>findtime:<\/strong>&nbsp;defines a time period within which if a host exceeds the&nbsp;<strong>maxretry<\/strong>&nbsp;value, it is banned.<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>...\nignoreip = 127.0.0.1\/8 192.168.57.33\n...\nbantime  = 3600\n...\nfindtime  = 60\n...\nmaxretry = 3<\/code><\/pre>\n\n\n\n<p>This basically means, if there will be any suspicious activity like more than 3 failed logins within a duration of one minute, the suspicious host, except localhost and 192.168.57.33, will be banned for one hour.<\/p>\n\n\n\n<p>Once you have defined the default options above, create a jail for wordpress. For example, paste the content below at the bottom of the jail.local file above;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>...\n# WordPress Jail\n&#91;wordpress-auths]\nenabled = true\nport = http,https\nfilter = wordpress-auth\nlogpath = \/var\/log\/apache2\/wp.access.log<\/code><\/pre>\n\n\n\n<p><strong>You can adjust all these settings to meet your needs!!<\/strong><\/p>\n\n\n\n<p>Most options above are self explanatory. The filter specifies the name of the filter that we will create to <code><strong>filter<\/strong><\/code> the logs that identifies the WordPress logins logs in the log file defined by the <strong><code>logpath<\/code><\/strong>.<\/p>\n\n\n\n<p>Save and exit the file.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Create Fail2ban WordPress Login Filter<\/h4>\n\n\n\n<p>Next you need to create a filter to define a regular expression that filters out the WordPress authentication logs from the specified log file.<\/p>\n\n\n\n<p>Note that, in our case, we use the log file, <code><strong>\/var\/log\/apache2\/wp.access.log<\/strong><\/code>.<\/p>\n\n\n\n<p>For every WordPress login attempt, a <strong><code>POST<\/code><\/strong> request is sent to <strong><code>\/wp-login.php<\/code><\/strong> file with 200 status code and is written to the Web server access log. Below are the sample logs for our logins;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>tail -f \/var\/log\/apache2\/wp.access.log | grep \"POST \/wp-login.php\"<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>192.168.57.33 - - &#91;11\/Mar\/2021:20:18:15 +0000] \"POST \/wp-login.php HTTP\/1.1\" 200 2825 \"http:\/\/kifarunix-demo.com\/wp-login.php\" \"Mozilla\/5.0 (X11; Linux x86_64; rv:78.0) Gecko\/20100101 Firefox\/78.0\"\n192.168.57.1 - - &#91;11\/Mar\/2021:20:19:14 +0000] \"POST \/wp-login.php HTTP\/1.1\" 200 2815 \"http:\/\/kifarunix-demo.com\/wp-login.php\" \"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/89.0.4389.72 Safari\/537.36\"<\/code><\/pre>\n\n\n\n<p>So while creating our filter, we will use a regex that filters out such kind of log lines from the log file.<\/p>\n\n\n\n<p>Multiple Fail2ban filters are located under, <code><strong>\/etc\/fail2ban\/filter.d\/<\/strong><\/code>. You can check any of them on how filters can be created.<\/p>\n\n\n\n<p>Create a WordPress authentication filter. Pay attention the name of the filter configuration file<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>vim \/etc\/fail2ban\/filter.d\/wordpress-auth.conf<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;Definition]\nfailregex = ^&lt;HOST&gt; .* \"POST \/wp-login.php HTTP.* 200<\/code><\/pre>\n\n\n\n<p>That is a sample failregex for our WordPress logins.<\/p>\n\n\n\n<p>Save and exit. You can add more filters that suits your needs.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Test Fail2ban WordPress Filter<\/h4>\n\n\n\n<p>To verify if your filter can match the pattern in the log files, use <code><strong>fail2ban-regex<\/strong><\/code> tool as follows.<\/p>\n\n\n\n<p>Command synopsis.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>fail2ban-regex &#91;OPTIONS] &lt;LOG&gt; &lt;REGEX&gt; &#91;IGNOREREGEX]<\/code><\/pre>\n\n\n\n<p>So to test our WordPress filter;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>fail2ban-regex \/var\/log\/apache2\/wp.access.log \/etc\/fail2ban\/filter.d\/wordpress-auth.conf<\/code><\/pre>\n\n\n\n<p>Sample output showing matched lines;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Running tests\n=============\n\nUse   failregex filter file : wordpress-auth, basedir: \/etc\/fail2ban\nUse         log file : \/var\/log\/apache2\/wp.access.log\nUse         encoding : UTF-8\n\n\nResults\n=======\n\nFailregex: 10 total\n|-  #) &#91;# of hits] regular expression\n|   1) &#91;10] ^&lt;HOST&gt; .* \"POST \/wp-login.php HTTP.* 200\n`-\n\nIgnoreregex: 0 total\n\nDate template hits:\n|- &#91;# of hits] date format\n|  &#91;577] Day(?P&lt;_sep&gt;&#91;-\/])MON(?P=_sep)ExYear&#91; :]?24hour:Minute:Second(?:\\.Microseconds)?(?: Zone offset)?\n`-\n\nLines: 577 lines, 0 ignored, 10 matched, 567 missed\n&#91;processed in 0.25 sec]\n\nMissed line(s): too many to print.  Use --print-all-missed to print all 567 lines<\/code><\/pre>\n\n\n\n<p>That confirms that the filter works fine.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Running Fail2ban<\/h4>\n\n\n\n<p>Restart Fail2ban service. Note that is started and enabled to run on system boot upon installation.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>systemctl restart fail2ban<\/code><\/pre>\n\n\n\n<p>Checking the status;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>systemctl status fail2ban<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>\u25cf fail2ban.service - Fail2Ban Service\n     Loaded: loaded (\/lib\/systemd\/system\/fail2ban.service; enabled; vendor preset: enabled)\n     Active: active (running) since Thu 2021-03-11 20:43:32 UTC; 44s ago\n       Docs: man:fail2ban(1)\n    Process: 5484 ExecStartPre=\/bin\/mkdir -p \/run\/fail2ban (code=exited, status=0\/SUCCESS)\n   Main PID: 5486 (f2b\/server)\n      Tasks: 7 (limit: 2282)\n     Memory: 11.8M\n     CGroup: \/system.slice\/fail2ban.service\n             \u2514\u25005486 \/usr\/bin\/python3 \/usr\/bin\/fail2ban-server -xf start\n\nMar 11 20:43:32 ubuntu20 systemd&#91;1]: Starting Fail2Ban Service...\nMar 11 20:43:32 ubuntu20 systemd&#91;1]: Started Fail2Ban Service.\nMar 11 20:43:33 ubuntu20 fail2ban-server&#91;5486]: Server ready<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Check Enabled Fail2ban Jails<\/h4>\n\n\n\n<p>Check the enabled jails using <code><strong>fail2ban-client status<\/strong><\/code> command.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>fail2ban-client status<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>Status\n|- Number of jail:\t2\n`- Jail list:\tsshd, wordpress-auths<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Verifying WordPress authentication Protection<\/h3>\n\n\n\n<p>You can simulate events of the multiple failed authentications to WordPress to check if any banning can happen.<\/p>\n\n\n\n<p>While tailing the logs and running failed login test;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>tail -f \/var\/log\/apache2\/wp.access.log | grep \"POST \/wp-login.php\"<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>192.168.57.1 - - &#91;11\/Mar\/2021:20:47:59 +0000] \"POST \/wp-login.php HTTP\/1.1\" 200 2825 \"http:\/\/kifarunix-demo.com\/wp-login.php\" \"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/89.0.4389.72 Safari\/537.36\"\n192.168.57.1 - - &#91;11\/Mar\/2021:20:48:02 +0000] \"POST \/wp-login.php HTTP\/1.1\" 200 2814 \"http:\/\/kifarunix-demo.com\/wp-login.php\" \"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/89.0.4389.72 Safari\/537.36\"\n192.168.57.1 - - &#91;11\/Mar\/2021:20:48:04 +0000] \"POST \/wp-login.php HTTP\/1.1\" 200 2825 \"http:\/\/kifarunix-demo.com\/wp-login.php\" \"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/89.0.4389.72 Safari\/537.36\"<\/code><\/pre>\n\n\n\n<p>After the third failed login, my IP is blocked and get such error on browser;<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1255\" height=\"569\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban.png\" alt=\"Protect WordPress Against Brute force Attacks Using Fail2ban\" class=\"wp-image-8145\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban.png?v=1615495868 1255w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban-768x348.png?v=1615495868 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban-150x68.png?v=1615495868 150w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban-300x136.png?v=1615495868 300w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban-696x316.png?v=1615495868 696w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban-1068x484.png?v=1615495868 1068w, https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/03\/blocked-ip-address-fail2ban-926x420.png?v=1615495868 926w\" sizes=\"(max-width: 1255px) 100vw, 1255px\" \/><\/figure><\/a><\/div>\n\n\n\n<h4 class=\"wp-block-heading\">Checking Status of Fail2ban Banned IP<\/h4>\n\n\n\n<p>To check the status of the banned IPs, use <code><strong>fail2ban-client<\/strong><\/code> command;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>fail2ban-client status wordpress-auths<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>Status for the jail: wordpress-auths\n|- Filter\n|  |- Currently failed:\t0\n|  |- Total failed:\t3\n|  `- File list:\t\/var\/log\/apache2\/wp.access.log\n`- Actions\n   |- Currently banned:\t1\n   |- Total banned:\t1\n   `- Banned IP list:\t192.168.57.10<\/code><\/pre>\n\n\n\n<p>You can obtain a list of jails using <code><strong>fail2ban-client status<\/strong><\/code> command.<\/p>\n\n\n\n<p>Checking Iptables;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>iptables -L -nv<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>...\nChain f2b-wordpress-auths (1 references)\n pkts bytes target     prot opt in     out     source               destination         \n   21  9078 REJECT     all  --  *      *       192.168.57.1         0.0.0.0\/0            reject-with icmp-port-unreachable\n    0     0 RETURN     all  --  *      *       0.0.0.0\/0            0.0.0.0\/0<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Unbanning Fail2ban Banned IP<\/h4>\n\n\n\n<p>If you want to unban an IP, run the command;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>fail2ban-client set &lt;jail&gt; unbanip &lt;IP&gt;<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>fail2ban-client set wordpress-auths unbanip 192.168.57.1<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Further Reading<\/h4>\n\n\n\n<p><a aria-label=\"Fail2ban Manual (opens in a new tab)\" href=\"https:\/\/www.fail2ban.org\/wiki\/index.php\/Manual\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Fail2ban Manual<\/a><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Other Tutorials<\/h4>\n\n\n\n<p><a aria-label=\" (opens in a new tab)\" href=\"https:\/\/kifarunix.com\/visualize-wordpress-user-activity-logs-on-elk-stack\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Visualize WordPress User Activity Logs on ELK Stack<\/a><\/p>\n\n\n\n<p><a aria-label=\" (opens in a new tab)\" href=\"https:\/\/kifarunix.com\/create-scrolling-text-box-on-wordpress-newspaper-theme\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Create Scrolling Text Box on WordPress Newspaper Theme<\/a><\/p>\n\n\n\n<p><a aria-label=\" (opens in a new tab)\" href=\"https:\/\/kifarunix.com\/how-to-fix-wordpress-could-not-establish-a-secure-connection-to-wordpress-org\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">How to fix WordPress could not establish a secure connection to WordPress.org<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-use-wpscan-wordpress-vulnerability-scanner-ubuntu-18-04\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">How to Install and Use WPScan WordPress Vulnerability Scanner Ubuntu 18.04<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this tutorial, you will learn about how to protect WordPress against brute force attacks using Fail2ban. Fail2ban is a python based intrusion prevention tool<\/p>\n","protected":false},"author":1,"featured_media":8139,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[34,121,292],"tags":[3233,3230,266,3227,3229,3232,3228,3231],"class_list":["post-7720","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-howtos","category-wordpress","tag-brute-force-attacks-wordpress-fail2ban","tag-configure-fail2ban-to-monnitor-apache-logs","tag-fail2ban","tag-protect-wordpress-login-with-fail2ban","tag-protect-wordpress-with-fail2ban","tag-wordpress-authentication-fail2ban","tag-wordpress-brute-force-fail2ban","tag-wordpress-logins","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/7720"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=7720"}],"version-history":[{"count":4,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/7720\/revisions"}],"predecessor-version":[{"id":21913,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/7720\/revisions\/21913"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/8139"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=7720"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=7720"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=7720"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}