With the annoying brute force wordpress hack going round, one way to protect your site(s) would be to use fail2ban, with a configuration something like (which I’ve shamelessly lifted from http://blog.somsip.com/2011/12/protecting-apache-webservers-from-wordpress-admin-login-dictionary-attacks/ ). The below seems to be working, and given it’s relative simplicity it’s obvious how you’d go about changing to protect other POST based scripts … Continue reading Fail2ban filter for WordPress