These changes apply to both the Free and Premium version of WP fail2ban:
- Site Health Tool
- WP fail2ban now integrates with the WordPress Site Health Tool. Among other things, it will try to check for the changes listed here.
You should review its findings after upgrading.
- Updated Filters
- You must update your filters after upgrading, especially if you are using any of the "extra" comment logging as the message format has changed and will not be matched by the old filters; it has also been moved to the "soft" filter.
Unsure how to update your filters? If you're using the standard WordPress Droplet on DigitalOcean, I've created a Gig on Fiverr to update them for you. For other platforms please either post on the forum or send me an email to support; I'll add other Gigs for the most commonly requested platorms.
You should review any custom filters; the "Authentication attempt for unknown user" message has been moved to the "soft" filter.
- Deprecated Constants
- The "extra" comment logging has been improved and moved to the "soft" filter, making the two old constants redundant:
- Replaced by WP_FAIL2BAN_LOG_COMMENT_ATTEMPTS.
- Replaced by WP_FAIL2BAN_COMMENT_ATTEMPT_LOG.
The old constants will work for the time being but are scheduled to be removed in a future release.
- Database Schema
- You should backup the database before upgrading. The v5 schema is not backward compatible with v4; if you need to revert to v4 you will need to restore the backup.
There are two main changes:
- A new IPv6 column. This is essential for operation so is added and populated automatically on upgrade.
- Event columns for Reports. These are for performance so will only be created and populated when you view one of the WP fail2ban admin pages.
Depending on how many Events are in the log, these can take a long time to create. There is an updater page that can add the columns one by one, or you can use the SQL provided to do it manually.
- Cloudflare Integration
- If you are using Cloudflare for your site you should remove the Cloudflare IPs from the Trusted IPs list and instead enable "Trust headers set by Cloudflare". WP fail2ban will then automatically keep the Cloudflare IP list up to date.