Plugin0 - Build Features & Discover WordPress Plugins with AI
Explore
Home Plugins fail2wp
Fail2WP logo

Fail2WP

by joho68 on WordPress.org

Security plugin for WordPress with support for fail2ban. Tested with WordPress 5.5+ and PHP 7.4/8.1.x.

(2)

This WordPress plugin provides security functionality and integration with fail2ban.

It does not require fail2ban to function.

Basic security functionality includes:

  • Disabling login with username (require e-mail address)
  • Allow/Deny login from IP address, hostname (including wildcard support)
  • Preventing user enumeration (?author=nnn)
  • Less detailed error messages on login failures
  • Minimum username length
  • Blocking specific usernames from being used to register new users
  • Requiring e-mail address matching for new user registrations
  • Warning about new user role setting
  • Blocking of portions or all of WordPress REST API
  • Disabling of RSS and Atom feeds
  • Removal of “Generator” information from HTML and feeds
  • Detection of Cloudflare IP addresses for logging of actual IP addresses
  • Blocking/Allowing logins from IP addresses, IP ranges, and/or hostnames
  • Partially or fully disable XMLRPC access

The plugin also plays nicely with Fail2ban, which is an advanced way of blocking IP addresses dynamically upon suspicious behavior.

Other notes:

  • This plugin may work with earlier versions of WordPress
  • This plugin has been tested with WordPress 5.5+ and 6.x at the time of this writing
  • This plugin has been tested with PHP 7.2, 7.4, and 8.1.x at the time of this writing
  • This plugin optionally makes use of mb_ PHP functions
  • This plugin may create entries in your PHP error log (if active)
  • This plugin contains no Javascript
  • This plugin contains no tracking code and does not store any information about users

Credits

The Fail2WP Plugin was written by Joaquim Homrighausen while converting caffeine into code.

Fail2WP is sponsored by WebbPlatsen i Sverige AB, Sweden.

Commercial support and customizations for this plugin is available from WebbPlatsen i Sverige AB in Sweden.

If you find this plugin useful, the author is happy to receive a donation, good review, or just a kind word.

If there is something you feel to be missing from this plugin, or if you have found a problem with the code or a feature, please do not hesitate to reach out to support@webbplatsen.se.

This plugin can also be downloaded from code.webbplatsen.net and GitHub

More detailed documentation is available at code.webbplatsen.net/documentation/fail2wp/

Kudos to Thomas Lutz.

Active installations100+
Weekly downloads
22+22.22%
Version1.2.3
Last updated11/21/2024
WordPress version5.4.0
Tested up to6.7.2
PHP version7.2
Tags
adminauthenticationfail2banfirewallsecurity

Related Plugins

Astra Security Suite – Firewall & Malware Scan logo

Astra Security Suite – Firewall & Malware Scan

Astra is the complete security suite for your WordPress. Rock solid firewall with immediate malware cleanup & security audit for your WordPress.

1K+
WP Face Login – Face Authentication For WordPress logo

WP Face Login – Face Authentication For WordPress

Enable face authentication login with ease

1K+
WebAuthn Provider for Two Factor logo

WebAuthn Provider for Two Factor

WebAuthn authentication provider for Two Factor plugin.

1K+