Standard shared unremovable folder in /web/

Discussion in 'HOWTO-Related Questions' started by progressed36, Feb 5, 2020.

  1. progressed36

    progressed36 Member

    Hi there,

    Im hoping ISPconfig has a solution for this... First the story:

    As many of you know WordPress is the number one CMS in the world. Recently i came across a lightweight plugin called "WP Fail2ban". Basically what it does is inserts fails and errors in the auth log of the server. This way with the correct jail settings you can actually ban people through fail2ban. It works! within 2 hours i had 30 banned IP addresses from people that tried brute forcing wp-admin/wp-login (settings are: 5 failed logins in 24 hours =ban 24 hours, ill put my jail-settings below for the ones that like the same approach). Yes i know there are plugins that does this without fail2ban, but banning people before they even reach Apache has my preference and more lightweight as many of these plugins are pretty heavy. I also saw a decline in processor load average after enabling this plugin for 3 high traffic websites.

    Now for my question:
    WordPress has an option to upload a (not able to deactivate) must-use plugin option. How can i achieve that everybody that has WordPress installed has a virtual directory of some kind so i don't have to upload this plugin manually every time?

    Here are my jailsettings:
    enabled = true
    filter = wordpress-hard
    logpath = /var/log/auth.log
    maxretry = 5
    port = http,https
    findtime  = 86400
    bantime   = 86400

Share This Page