• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved plesk wordpress jail flaw

Dork

Dork

Regular Pleskian
Server operating system version
CentOS 7
Plesk version and microupdate number
Plesk Obsidian Version 18.0.52 Update #3
The wordpress jail treats a perl script as a wordpress object
 
The Wordpress jail reacts on failed Wordpress logins. If your Perl script is named like the Wordpress login and shows a similar behavior then yes, the jail will react.
 
Peter Debik said:
The Wordpress jail reacts on failed Wordpress logins. If your Perl script is named like the Wordpress login and shows a similar behavior then yes, the jail will react.
Click to expand...
But Perl files use the extension pl and PHP files the extension php
 
I assume you mean the fail2ban jail?

The Wordpress fail2ban filter should (by default) not act on anything other than post requests to a file named wp-login.php. That being said, it depends on what your Perl script does. If it's action matches the fail2ban filter it is possible that the jail gets triggerd.

Post your fail2ban Wordpress rule and filter and an excerpt that contains access entries of the perl script from the access log if you want me to take a more in dept look.
 
Kaspar said:
I assume you mean the fail2ban jail?

The Wordpress fail2ban filter should (by default) not act on anything other than post requests to a file named wp-login.php. That being said, it depends on what your Perl script does. If it's action matches the fail2ban filter it is possible that the jail gets triggerd.

Post your fail2ban Wordpress rule and filter and an excerpt that contains access entries of the perl script from the access log if you want me to take a more in dept look.
Click to expand...
Thanks for your explaination.
It is always a get request and the f2b action came as a result of the http error code 504 (line of the errorlog file)
So I think that I can forget it.
 
You must log in or register to reply here.

Similar threads

brother4
Question Why isn't xmlrpc.php monitored by the WordPress jail in Fail2Ban?
Replies
8
Views
527
Maarten
M
Dork
Question The new plesk jail
Replies
3
Views
285
Dork
Dork
S
Issue Filter for plesk-wordpress jail does not work, any ideas?
Replies
1
Views
351
AYamshanov
AYamshanov
Bitpalast
Resolved Could you please explain changes to the Fail2Ban jails in 18.0.63 in more detail?
Replies
2
Views
336
Bitpalast
Bitpalast
Gianni
Question My IP in jail fail2ban using plesk
Replies
0
Views
186
Gianni
Gianni
Back
Top