From 118d45dcfd677354af8ac7b76638cb6e138ddff9 Mon Sep 17 00:00:00 2001
From: Edi Septriyanto <me@masedi.net>
Date: Sun, 29 Dec 2024 22:37:44 +0700
Subject: [PATCH] Update Fail2ban WordPress filter

---
 .travis.yml                          | 52 ----------------------------
 etc/fail2ban/filter.d/wordpress.conf |  3 +-
 2 files changed, 1 insertion(+), 54 deletions(-)
 delete mode 100644 .travis.yml

diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index c5f1b24..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,52 +0,0 @@
-language: bash
-os: linux
-dist: focal
-sudo: required
-
-before_install:
-  - sudo apt update -qq -y
-  - sudo apt install -qq -y shellcheck
-
-before_script:
-  - "sudo curl -s -o /usr/local/bin/shunit2 https://raw.githubusercontent.com/kward/shunit2/master/shunit2"
-  - "sudo chmod a+x /usr/local/bin/shunit2"
-
-env:
-  - SHUNIT_COLOR='always'
-
-matrix:
-  include:
-    - os: linux
-      dist: bionic
-      script:
-        # Copy dotenv file.
-        - cp .env.dist .env
-        - sed -i "s/ENVIRONMENT=\"production\"/ENVIRONMENT=\"development\"/g" .env
-        - sed -i "s/SERVER_HOSTNAME=\"\"/SERVER_HOSTNAME=\"travis-ci.masedi.net\"/g" .env
-        - sed -i "s/SERVER_IP=\"\"/SERVER_IP=\"127.0.0.1\"/g" .env
-        - sed -i "s/AUTO_INSTALL=false/AUTO_INSTALL=true/g" .env
-        - sed -i "s/AUTO_REMOVE=false/AUTO_REMOVE=true/g" .env
-        - sed -i "s/FORCE_REMOVE=false/FORCE_REMOVE=true/g" .env
-        - sed -i "s/ADMIN_EMAIL=\"mail@example.com\"/ADMIN_EMAIL=\"me@masedi.net\"/g" .env
-        #- sed -i "s/NGINX_INSTALLER=\"repo\"/NGINX_INSTALLER=\"source\"/g" .env
-        - sed -i "s/PHP_VERSION=\"7.4\"/PHP_VERSION=\"7.4\"/g" .env
-        - sed -i "s/PHP_LOADER=\"none\"/PHP_LOADER=\"ioncube\"/g" .env
-        - sed -i "s/PHP_IMAGEMAGICK_INSTALLER=\"repo\"/PHP_IMAGEMAGICK_INSTALLER=\"source\"/g" .env
-        #- sed -i "s/INSTALL_MAILER=false/INSTALL_MAILER=true/g" .env
-        #- sed -i "s/INSTALL_SPFDKIM=false/INSTALL_SPFDKIM=true/g" .env
-        - sed -i "s/SENDER_DOMAIN=\"example.com\"/SENDER_DOMAIN=\"localhost.localhost\"/g" .env
-        - sed -i "s/INSTALL_FAIL2BAN=false/INSTALL_FAIL2BAN=true/g" .env
-        # Run the source through ShellCheck (http://www.shellcheck.net).
-        - shellcheck -s bash -x install.sh
-        - shellcheck -s bash -x remove.sh
-        - shellcheck -s bash -x lib/lemper-*.sh
-        - shellcheck -s bash -x scripts/cleanup_server.sh
-        - shellcheck -s bash -x scripts/helper.sh
-        - shellcheck -s bash -x scripts/install_*.sh
-        - shellcheck -s bash -x scripts/remove_*.sh
-        - shellcheck -s bash -x scripts/secure_server.sh
-        # Run initialization install.
-        - sudo bash scripts/cleanup_server.sh
-        - sudo bash scripts/install_dependencies.sh
-        # Run the install test cases through ShUnit2.
-        - sudo bash shunit2/run_test.sh
\ No newline at end of file
diff --git a/etc/fail2ban/filter.d/wordpress.conf b/etc/fail2ban/filter.d/wordpress.conf
index 75fe8e6..d84af07 100644
--- a/etc/fail2ban/filter.d/wordpress.conf
+++ b/etc/fail2ban/filter.d/wordpress.conf
@@ -1,7 +1,6 @@
 [Definition]
 
-failregex = ^<HOST> .* "POST .*wp-login.php
-            ^<HOST> .* "POST .*xmlrpc.php
+failregex = ^<HOST>.* "POST .*(wp-login.php|xmlrpc.php)([/\?#\\].*)? HTTP/.*" 200|401
             ^<HOST> .* "GET .*" 404 .*
 
 ignoreregex =
\ No newline at end of file