Step 3: fail2ban

New Filters

WP fail2ban Blocklist comes with two new filters, hard and soft, for IPs to ban preemptively and on first offence, respectively. At the time of writing only the hard filter is used.

You’ll need to ensure fail2ban knows about the filters, so either copy them into the filter.d/ directory, or symlink them from the plugin. There are advantages and disadvantages to both approaches; if in doubt, copy them.

New Jail

Assuming you already have fail2ban configured for use with WP fail2ban, the new jail should be simple:

[wpf2b-blocklist-hard]
enabled = true
filter = wpf2b-blocklist-hard
logpath = /var/log/wpf2b-blocklist.log
maxretry = 1
bantime = 86400

Be sure logpath matches the new file you configured in Step 1.

maxretry

maxretry must be set to 1 so that IPs are banned immediately.

bantime

The bantime is important; too short and it will expire before the bot attacks your site, too long and the blocklist is less effective overall.

The current recommended bantime is 1 day (86400 seconds).