-
Notifications
You must be signed in to change notification settings - Fork 0
/
fail2ban
39 lines (36 loc) · 1006 Bytes
/
fail2ban
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# detect password authentication failures
[apache]
enabled = true
filter = apache-auth
action = iptables-multiport[name=auth, port="http,https"]
logpath = /var/log/httpd/fail2ban_log
bantime = 3600
maxretry = 3
ignoreip = 192.0.2.0
# detect spammer robots crawling email addresses
[apache-badbots]
enabled = true
filter = apache-badbots
action = iptables-multiport[name=badbots, port="http,https"]
logpath = /var/log/httpd/fail2ban_log
bantime = 3600
maxretry = 1
ignoreip = 192.0.2.0
# detect potential search for exploits
[apache-noscript]
enabled = true
filter = apache-noscript
action = iptables-multiport[name=noscript, port="http,https"]
logpath = /var/log/httpd/fail2ban_log
bantime = 3600
maxretry = 6
ignoreip = 192.0.2.0
# detect Apache overflow attempts
[apache-overflows]
enabled = true
filter = apache-overflows
action = iptables-multiport[name=overflows, port="http,https"]
logpath = /var/log/httpd/fail2ban_log
bantime = 3600
maxretry = 2
ignoreip = 192.0.2.0