write into SYSLOG * APACHE -> write into APCACHE ERROR LOG * CUSTOM -> write into log file defined into SP4_AUTHENTICATION_ERROR_LOG_PATH constant * * SP4_AUTHENTICATION_ERROR_LOG_NAME: error log file name ( only in CUSTOM mode ) * e.g. sites_auth_errors.log * * SP4_AUTHENTICATION_ERROR_LOG_PATH: error log file absolute path ( only in CUSTOM mode ) * e.g. /opt/httpd/logs/ * * SP4_AUTHENTICATION_ERROR_LOG_TIMEZONE: time zone to use ( only if current_time() WP function not exists ) * e.g. Europe/Rome * */ if ( ! defined( 'ABSPATH' ) ) { exit; // Exit if accessed directly } if( !defined( 'SP4_ERROR_TYPE' ) ) { // Type of error definition define( 'SP4_ERROR_TYPE', "CUSTOM" ) ; } if( !defined( 'SP4_AUTHENTICATION_ERROR_LOG_NAME' ) ) { // Error log name definition define( 'SP4_AUTHENTICATION_ERROR_LOG_NAME', "sites_auth_errors.log" ) ; } if( !defined( 'SP4_AUTHENTICATION_ERROR_LOG_PATH' ) ) { // Error log absolute path definition define( 'SP4_AUTHENTICATION_ERROR_LOG_PATH', "/storage/www/logs/" ) ; } if( !defined( 'SP4_AUTHENTICATION_ERROR_LOG_TIMEZONE' ) ) { // Timezone definition define( 'SP4_AUTHENTICATION_ERROR_LOG_TIMEZONE', "Europe/Rome" ) ; } /** * WP Actions */ add_action( 'wp_login_failed', 'sp4_fail2ban_login_failed_hook' ); add_filter( 'xmlrpc_pingback_error', 'sp4_fail2ban_pingback_error_hook', 1 ); /** * Functions */ function sp4_fail2ban_login_failed_hook($username) { $site_name = "unknown" ; if( function_exists( "get_bloginfo" ) ) { $tmp_site_name = get_bloginfo('name') ; if( !empty( $tmp_site_name ) ) { $site_name = $tmp_site_name; } } $real_ip = sp4_get_real_ip() ; sp4_log_writer("Authentication failure on [".$site_name."] for ".$username." from ".$real_ip.""); } function sp4_fail2ban_pingback_error_hook($ixr_error) { $site_name = "unknown" ; if( function_exists( "get_bloginfo" ) ) { $tmp_site_name = get_bloginfo('name') ; if( !empty( $tmp_site_name ) ) { $site_name = $tmp_site_name; } } if ( $ixr_error->code === 48 ) return $ixr_error; // don't punish duplication $real_ip = sp4_get_real_ip() ; sp4_log_writer("Pingback error ".$ixr_error->code." generated on [".$site_name."] from ".$real_ip.""); return $ixr_error; } function sp4_log_writer( $data_to_write = "Unkown error for authentication or xmlrpc" ) { /** * Function used for writing the final log */ if( function_exists( "current_time" ) ) { $tmp_time = current_time("D M d H:i:s.u Y") ; if( !empty( $tmp_time ) ) $time = $tmp_time; } else { // Due to WP timezone rewrite date_default_timezone_set(SP4_AUTHENTICATION_ERROR_LOG_TIMEZONE); $time = date("D M d H:i:s.u Y"); } switch( SP4_ERROR_TYPE ) { case "SYSTEM" : // Error by SYSLOG openlog('wordpress('.$_SERVER['HTTP_HOST'].')', LOG_NDELAY|LOG_PID, LOG_AUTHPRIV); syslog(LOG_NOTICE,$data_to_write); break; case "APACHE" : // Error by APACHE ERROR LOG error_log('wordpress('.$_SERVER['HTTP_HOST'].') '.$data_to_write, 0); break; case "CUSTOM" : // Error by custom log if( is_writable( SP4_AUTHENTICATION_ERROR_LOG_PATH ) ) error_log('['.$time.'] wordpress('.$_SERVER['HTTP_HOST'].') '.$data_to_write.PHP_EOL, 3, SP4_AUTHENTICATION_ERROR_LOG_PATH.SP4_AUTHENTICATION_ERROR_LOG_NAME ); else error_log('wordpress('.$_SERVER['HTTP_HOST'].') '.$data_to_write, 0); break; default : // Error by APACHE ERROR LOG error_log('wordpress('.$_SERVER['HTTP_HOST'].') '.$data_to_write, 0); } } function sp4_get_real_ip() { /** * Function used to analyze the user's IP address */ $ip = getenv("REMOTE_ADDR"); // default if (getenv("HTTP_CLIENT_IP")) $ip = getenv("HTTP_CLIENT_IP"); else if(getenv("HTTP_X_FORWARDED_FOR")) $ip = getenv("HTTP_X_FORWARDED_FOR"); return $ip ; }