apache ssl: Do not pass OCSP stapling failures to client

[chef.git] / cookbooks / wordpress / recipes / default.rb

diff --git a/cookbooks/wordpress/recipes/default.rb b/cookbooks/wordpress/recipes/default.rb
index 36485d244b7cb9fa621cdf9f1e1673d5cfd49cfe..545025bcd7b6babbe394c3ff1647b3067813e33f 100644 (file)
--- a/cookbooks/wordpress/recipes/default.rb
+++ b/cookbooks/wordpress/recipes/default.rb
@@ -17,7 +17,7 @@
 # limitations under the License.
 #
 
-include_recipe "apache"
+include_recipe "apache::ssl"
 include_recipe "chef::gems"
 include_recipe "mysql"
 
@@ -30,3 +30,18 @@ package "php-apc"
 
 apache_module "php5"
 apache_module "rewrite"
+
+remote_file "/etc/fail2ban/filter.d/wordpress.conf" do
+  action :create_if_missing
+  source "http://plugins.svn.wordpress.org/wp-fail2ban/trunk/wordpress.conf"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+fail2ban_jail "wordpress" do
+  filter "wordpress"
+  logpath "/var/log/auth.log"
+  ports 80, 443
+  maxretry 6
+end