WP fail2ban – Advanced Security
WP fail2ban uses fail2ban to protect your WordPress site.
4.2(71 reviews)
·70K+ active installs·Updated 11 months agoAs of April 2026, WP fail2ban is a WordPress login plugin with 70K+ active installations and a 4.2/5 rating from 71 reviews. It has been downloaded 2.0M+ times in total. Requires WordPress 4.2+ and PHP 7.4+. Available on WordPress.org since 2012. Downloads are down 11% this week. Top alternative: WPS Hide Login.
4.2/571 reviews
70K+active installs
2.0M+total downloads
14 yearssince 2012
Overview
fail2ban is one of the simplest and most effective security measures you can implement to protect your WordPress site.
WP fail2ban provides the link between WordPress and fail2ban:
Oct 17 20:59:54 foobar wordpress(www.example.com)[1234]: Authentication failure for admin from 192.168.0.1
Oct 17 21:00:00 foobar wordpress(www.example.com)[2345]: Accepted password for admin from 192.168.0.1
WPf2b comes with three fail2ban filters: wordpress-hard.conf, wordpress-soft.conf, and wordpress-extra.conf. These are designed to allow a split between immediate banning (hard) and the traditional more graceful approach (soft), with extra rules for custom configurations.
Features
-
Failed Login Attempts
The very first feature of WPf2b: logging failed login attempts so the IP can be banned. Just as useful…
Ratings & Reviews
4.271 reviews
5 ★
51
4 ★
4
3 ★
2
2 ★
4
1 ★
10
Recent Reviews
SPAM
by Above All Media·7 months ago
The plugin spams dashboard with the banner that cannot be dismissed and keeps reappearing.
Credit Card Fraudsters
by aiwetir·11 months ago
They never refunded me after my cancellation request, they charged me another month. They don’t respond to my support emails.
The free plugin works so poorly, you may as well just learn to install Fail2ban from other online tutorials and you’ll have much better success anyways
SPAM
by Gennady Kurushin·1 year ago
The plugin spams dashboard with the banner that cannot be dismissed and keeps reappearing.
very annoying
by brt·1 year ago
if you manage to set it up correctly, it does what you expect, but …
creates an annoying warning in site-health if the blocklist addon is not installed, which is not free, and it hides the fact that it is not free, until you have subscribed to freemius, in my opinion this is really bad.
the contained site-health-script checks for /usr/bin/systemctl which is by default not within allowed paths for PHP on systems using open_basedir restrictions, so it creates PHP warnings everytime the script is accessed.
the code looks quite bloated for such simple functionality.
the plugin needs to be configured by adding constants to your wp-config.php file, normal GUI-configuration deactivated until you go premium.
- This topic was modified 1 year, 8 months ago by brt.
Prevenire e meglio che curare
by Mac Boris Perc·1 year ago·1 reply
Prevention is better than cure.
Download Trends
Today: 205Yesterday: 239This week: 1KPeriod total: 147K
Compatibility
| WordPress | 4.2+ requiredTested up to 6.8.5 |
| PHP | 7.4+ required |
Version Adoption
v5.4
75.3%
Other
13.2%
v5.2
6.4%
v5.3
5.1%
Top Alternatives to WP fail2ban – Advanced Security
Frequently Asked Questions
Changelog
5.4.1-LTS
- Fix compatibility for WordPress 6.8.
- Fix incorrect dependency requiring PHP>=8.1. [Premium only]
- Add license for Packagist.
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.