This matches the log that you posted, but then again the one you posted
also works with the log that you posted. Have you tested yours with
fail2ban-regex?
failregex = .*\"POST [^\"]+\" (\d){3} (\d){3}.*$
On Sat, 2015-08-29 at 10:49 +0100, linuxthefish wrote:
> Hi,
>
> I have my wordpress webs
Hi,
I have my wordpress website login page spammed with login attempts,
and I am trying to block these using fail2ban.
The brute force login attempts look like this:
82.165.197.140 - - [29/Aug/2015:05:35:42 -0400] "POST /wp-login.php
HTTP/1.0" 500 251
82.165.197.140 - - [29/Aug/2015:05:35:42 -04
