Step 3: fail2ban
New Filters
WP fail2ban Blocklist comes with two new filters, hard and soft, for IPs to ban preemptively and on first offence, respectively. At the time of writing only the hard filter is used.
You’ll need to ensure fail2ban knows about the filters, so either copy them into the filter.d/ directory, or symlink them from the plugin. There are advantages and disadvantages to both approaches; if in doubt, copy them.
New Jail
Assuming you already have fail2ban configured for use with WP fail2ban, the new jail should be simple:
Be sureĀ logpath matches the new file you configured in Step 1.
maxretry
maxretry must be set to 1 so that IPs are banned immediately.
bantime
The bantime is important; too short and it will expire before the bot attacks your site, too long and the blocklist is less effective overall.
The current recommended bantime is 1 day (86400 seconds).