1 minute reading time (95 words)

Configure fail2ban custom filter and jail to block Joomla brute force login attacks

How to create a custom fail2ban filter and jail to prevent login attempts against the Joomla Administrator back-end website

Create fail2ban filter for Joomla login attempts

nano /etc/fail2ban/filter.d/joomla.conf

[Definition]
failregex = ^<HOST> -.*(GET|POST|HEAD).*(/administrator/index\.php)
ignoreregex = 

Create fail2ban jail for Joomla

 nano /etc/fail2ban/jail.local

[joomla]
enabled = true
port = http,https
filter = joomla
logpath = /var/log/nginx/*access*log
        /var/log/nginx/*error*log
maxretry = 3 

Restart fail2ban

service fail2ban stop && service fail2ban start

Test the fail2ban Joomla filter

fail2ban-regex /var/log/nginx/access.log /etc/fail2ban/filter.d/joomla.conf

Check fail2ban Joomla jail status

fail2ban-client status joomla

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Thursday, 01 June 2023
You can help support this website by buying me a coffee!
Buy Me A Coffee