Upgrading to Version 5


2023/01/16: Feature Change, Free, New Feature, Premium, v5.0, WPf2b


These changes apply to both the Free and Premium version of WP fail2ban:

Site Health Tool
WP fail2ban now integrates with the WordPress Site Health Tool. Among other things, it will try to check for the changes listed here.
You should review its findings after upgrading.
Updated Filters
You must update your filters after upgrading, especially if you are using any of the "extra" comment logging as the message format has changed and will not be matched by the old filters; it has also been moved to the "soft" filter.

Unsure how to update your filters? If you're using the standard WordPress Droplet on DigitalOcean, I've created a Gig on Fiverr to update them for you. For other platforms please either post on the forum or send me an email to support; I'll add other Gigs for the most commonly requested platorms.

You should review any custom filters; the "Authentication attempt for unknown user" message has been moved to the "soft" filter.

Deprecated Constants
The "extra" comment logging has been improved and moved to the "soft" filter, making the two old constants redundant:


The old constants will work for the time being but are scheduled to be removed in a future release.

Premium only

Database Schema
You should backup the database before upgrading. The v5 schema is not backward compatible with v4; if you need to revert to v4 you will need to restore the backup.

There are two main changes:

  1. A new IPv6 column. This is essential for operation so is added and populated automatically on upgrade.
  2. Event columns for Reports. These are for performance so will only be created and populated when you view one of the WP fail2ban admin pages.
    Depending on how many Events are in the log, these can take a long time to create. There is an updater page that can add the columns one by one, or you can use the SQL provided to do it manually.
Cloudflare Integration
If you are using Cloudflare for your site you should remove the Cloudflare IPs from the Trusted IPs list and instead enable "Trust headers set by Cloudflare". WP fail2ban will then automatically keep the Cloudflare IP list up to date.