1 minute reading time
(95 words)
Configure fail2ban custom filter and jail to block Joomla brute force login attacks
How to create a custom fail2ban filter and jail to prevent login attempts against the Joomla Administrator back-end website
Create fail2ban filter for Joomla login attempts
nano /etc/fail2ban/filter.d/joomla.conf
[Definition] failregex = ^<HOST> -.*(GET|POST|HEAD).*(/administrator/index\.php) ignoreregex =
Create fail2ban jail for Joomla
nano /etc/fail2ban/jail.local
[joomla] enabled = true port = http,https filter = joomla logpath = /var/log/nginx/*access*log /var/log/nginx/*error*log maxretry = 3
Restart fail2ban
service fail2ban stop && service fail2ban start
Test the fail2ban Joomla filter
fail2ban-regex /var/log/nginx/access.log /etc/fail2ban/filter.d/joomla.conf
Check fail2ban Joomla jail status
fail2ban-client status joomla
Comments