Resolved plesk wordpress jail flaw

[Dork]

Server operating system version

CentOS 7

Plesk version and microupdate number

Plesk Obsidian Version 18.0.52 Update #3

The wordpress jail treats a perl script as a wordpress object

 

[Peter Debik]

The Wordpress jail reacts on failed Wordpress logins. If your Perl script is named like the Wordpress login and shows a similar behavior then yes, the jail will react.

 

[Dork]

The Wordpress jail reacts on failed Wordpress logins. If your Perl script is named like the Wordpress login and shows a similar behavior then yes, the jail will react.

But Perl files use the extension pl and PHP files the extension php

 

[Kaspar]

I assume you mean the fail2ban jail?

The Wordpress fail2ban filter should (by default) not act on anything other than post requests to a file named wp-login.php. That being said, it depends on what your Perl script does. If it's action matches the fail2ban filter it is possible that the jail gets triggerd.

Post your fail2ban Wordpress rule and filter and an excerpt that contains access entries of the perl script from the access log if you want me to take a more in dept look.

 

[Dork]

I assume you mean the fail2ban jail?

The Wordpress fail2ban filter should (by default) not act on anything other than post requests to a file named wp-login.php. That being said, it depends on what your Perl script does. If it's action matches the fail2ban filter it is possible that the jail gets triggerd.

Post your fail2ban Wordpress rule and filter and an excerpt that contains access entries of the perl script from the access log if you want me to take a more in dept look.

Thanks for your explaination.
It is always a get request and the f2b action came as a result of the http error code 504 (line of the errorlog file)
So I think that I can forget it.