=== WP fail2ban Blocklist ===
Contributors: invisnet
Author URI: https://invis.net/?utm_source=wordpress.org&utm_medium=readme&utm_campaign=wp-fail2ban-addon-blocklist-2.2.2
Plugin URI: https://addons.wp-fail2ban.com/blocklist/?utm_source=wordpress.org&utm_medium=readme&utm_campaign=wp-fail2ban-addon-blocklist-2.2.2
Tags: fail2ban, security, blocklist
Requires at least: 4.9
Tested up to: 6.8
Stable tag: 2.2.2
Requires PHP: 7.4
License: GPLv3 or later
License URI: https://www.gnu.org/licenses/gpl-3.0.html

WP fail2ban Blocklist is a collaborative preemptive blocklist for WordPress.

== Description ==

There are many plugins that use a database to check for malicious IPs **after** they connect, and of course `fail2ban` stops *repeated* attacks, but what if bad IPs could be blocked **before** they attack?

By working collaboratively - sharing attack data - *WP fail2ban Blocklist* does exactly that.

The Blocklist Network Service (BNS) collects attack data from participating sites, performs some analytical magic, and sends back a list of IPs that are attacking sites now but haven't yet attacked that site. In other words, each site periodically gets a unique list of IPs to block **preemptively**.

= GDPR =

The BNS doesn't collect personal data, and bots don't have rights.

That said, the BNS only collects the minimum data required (time, IP, event), and only for IPs that have behaved maliciously.

Of course, it is possible that some data is generated by *people* behaving maliciously, but the BNS has no way to differentiate - and nor should it: an attack is an attack.

= Freemius =

To work, the BNS **must** know:

 * which sites are running the blocklist add-on,
 * which version is in use,
 * and a shared secret for secure communication.
 
Freemius already provides all these, and *WP fail2ban* already uses Freemius; why reinvent the wheel?

Therefore, unlike the core *WP fail2ban* plugin, you *must* opt into Freemius for the blocklist to work.

== Installation ==

1. Ensure [*WP fail2ban*](https://wordpress.org/plugins/wp-fail2ban/) is installed. **N.B.** Requires version **4.4.0** or later.
1. Install via the Plugin Directory, or upload to your plugins directory.
1. Activate the plugin through the 'Plugins' menu in WordPress.
1. Opt into Freemius; the Blocklist will not work without without this.
1. The Blocklist Network Service (BNS) uses the WordPress REST API to communicate. If there is another security plugin installed be sure it allows access to the blocklist endpoint: `/wp-json/wp-fail2ban/v1/blocklist`
1. **Important:** ensure you set `maxretry = 1` in your `wordpress‑hard` or `wpf2b‑blocklist‑hard` jail; the add-on will not work otherwise.

Details of the configuration steps can be found [here](https://docs.wp-fail2ban.com/projects/wp-fail2ban-blocklist/?utm_source=wordpress.org&utm_medium=readme&utm_campaign=wp-fail2ban-addon-blocklist-2.2.2).

== Screenshots ==

1. Dashboard widget

== Changelog ==

= 2.2.2 =
* Fix issue with parsing jails which use journald.
* Fix harmless warning with PHP 8.3.
* Fix documentation links in Site Health checks.

= 2.2.1 =
* Fix issue with opting into Freemius (h/t @Nyanchovy).
* Fix Site Health passing test reported as failing (h/t @Patmos).
* Improve debug code.

= 2.2.0 =
* Add [`WP_FAIL2BAN_ADDON_BLOCKLIST_DEBUG`](https://docs.wp-fail2ban.com/projects/wp-fail2ban-blocklist/en/2.2/defines/constants/WP_FAIL2BAN_ADDON_BLOCKLIST_DEBUG.html?utm_source=wordpress.org&utm_medium=readme&utm_campaign=wp-fail2ban-addon-blocklist-2.2.2).
* Add [`WP_FAIL2BAN_ADDON_BLOCKLIST_DEBUG_TRY_ALL_KEYS`](https://docs.wp-fail2ban.com/projects/wp-fail2ban-blocklist/en/2.2/defines/constants/WP_FAIL2BAN_ADDON_BLOCKLIST_DEBUG_TRY_ALL_KEYS.html?utm_source=wordpress.org&utm_medium=readme&utm_campaign=wp-fail2ban-addon-blocklist-2.2.2).
* Improve i18n.

= 2.1.1 =
* Fix harmless warning with PHP 8.1.
* Compatibility changes for upcoming `WPf2b` release.

= 2.1.0 =
* Add Site Health checks.
* Fix REST authentication issue (CORS headers) with some web servers.

= 2.0.1 =
* Fix harmless warning in dashboard widget; appears only before first polling.
* Fix REST authentication when both free and premium installed.
* Fix help links.

= 2.0.0 =
* **IPv6 support.** (Requires WP fail2ban 5.0 or later).
* Change filter filenames to start with `wpf2b-` instead of `wordpress-`.
* Add queue info to admin dashboard widget.

= 1.1.2 =
* Add mouseover hints to dashboard widget.
* Improve secret key lookup.

= 1.1.1 =
* Fix bug with secret key lookup.

= 1.1.0 =
* Add event queue info to dashboard widget.
* Increase maximum queue to 16384 events.
* Fix bug handling too many events.

= 1.0.2 =
* Minor bug-fix.

= 1.0.1 =
* Minor bug-fix.

= 1.0.0 =
* First WordPress directory release.

== Upgrade Notice ==

= 2.2.2 =
This is a bug-fix release. You do not need to update your filters from 2.0.0.

= 2.2.1 =
This is a bug-fix release. You do not need to update your filters from 2.0.0.

= 2.2.0 =
This is a minor feature release. You do not need to update your filters from 2.0.0.

= 2.1.1 =
This is a bug-fix release. You do not need to update your filters from 2.0.0.

= 2.1.0 =
This is a minor feature release. You do not need to update your filters from 2.0.0.

= 2.0.1 =
This is a bug-fix release. You do not need to update your filters from 2.0.0.

= 2.0.0 =
This is a feature release. Please update your filters from 1.0.0. Please note that the filter files have been renamed.

= 1.1.2 =
This is a bug-fix release. You do not need to update your filters from 1.0.0.

= 1.1.1 =
This is a bug-fix release. You do not need to update your filters from 1.0.0.

= 1.1.0 =
This is a feature release. You do not need to update your filters from 1.0.0.

= 1.0.2 =
This is a bug-fix release. You do not need to update your filters from 1.0.0.

= 1.0.1 =
This is a bug-fix release. You do not need to update your filters from 1.0.0.

= 1.0.0 =
Requires *WP fail2ban* **4.4.0** or later.

