I’m looking after a full roots stack server, and its periodically being bombarded with bruteforce attempts on the wp-login page.
I was wondering how others have been mitigating this. Do people go with a plugin solution or perhaps with fail2ban?
fail2ban would probably be a good bet, but I have no idea how to configure it with ansible roles rather than directly. The plugin WP fail2ban contains a config file I can use, but I need to figure out how to include that jail and add a fail2ban service to the existing ssh one without breaking everything!
Does anyone have any insights or pointers?