Protect your Server with Fail2Ban

Fail2ban is a program that scan your log files for any malicious behavior, and automatically block the offending IP.

The default Fail2ban installation on Ubuntu will protect ssh, but in this article I will show how to protect against WordPress comment spammers too, to slow them down.

Installation & Configuration

# Install fail2ban
$ sudo apt-get install fail2ban

# Copy default config to custom config
$ sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

# Add your own IPs so they never get blocked
$ sudo vi /etc/fail2ban/jail.local
:
ignoreip = 127.0.0.1/8 10.0.0.0/8 192.168.1.5
:

# restart it
$ sudo service fail2ban restart

Fail2ban is now configured and running.

You can use the following commands to inspect and trouble shoot its operation:

# fail2ban usually add new rules to your IPTables
$ sudo iptables -L

# You can check the status of specific rules using the command:
$ sudo fail2ban-client status ssh

# and of course check log to see if it is working:
$ sudo tail -f /var/log/fail2ban.log 

Protecting WordPress Comments

By default fail2ban protect many services including ssh but let’s assume you want to protect WordPress from spam bots trying to post comments on your blog.

First we add a filter to catch the attempts by creating new filter file named “/etc/fail2ban/filter.d/wordpress-comment.conf”:

$ sudo vi /etc/fail2ban/filter.d/wordpress-comment.conf 
#
# Block IPs trying to post many comments
#
[Definition]
failregex = ^<HOST> -.*POST /wordpress/wp-comments-post.php

Then we create a new JAIL by adding the following to “jail.local” file:

$ sudo vi /etc/fail2ban/jail.local
:
:
[wordpress-comment]
enabled = true
port = http,https
filter = wordpress-comment
logpath = /var/log/apache2/*access*.log
bantime = 3600
maxretry = 5

Then restart fail2ban using:

sudo service fail2ban restart

Note: To test if your filter work you can use the command “fail2ban-regex”:

fail2ban-regex /var/log/apache2/other_vhosts_access.log filter.d/wordpress-comment.conf 

Supporting Right-to-Left (for Arabic) in WordPress: the Easy Way

This post is an update of previous old post: Supporting right to left writing (for Arabic) in WordPress

In my blog I write in both languages English and Arabic, but I have to switch text direction from the template default English direction “Left to Right” to Arabic “Right to Left”.
One way do to it is to add HTML tags in each Arabic entry, you can also add a “Custom Field” in the post and add special processing instruction in your template to add the needed “RTL” HTML tags.

I found an easier way to do it, I noticed that WordPress new templates add an HTML class to your post for each “Tag” you add in your post, e.g. if you add a tag named “python” in the post you will get “.tag-python” in your HTML, so I decided to utilise this facility by adding the tag “arabic” to any post I want to view in Arabic, and I added the needed CSS attributes to the class “.tag-arabic”.

You can even change you CSS from the admin interface, from “Appearance > Edit CSS” then added the following CSS snippet:

.tag-arabic {
	direction: rtl;
	text-align: right;
	font-size: 130%;
}

Note: I enlarged the font size in Arabic posts for readability, Arabic font don’t render very well in small sizes.