install/fail2ban
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add 'README.apache-formspam' and 'README.webpath-abuse'.

Browse Source
This commit is contained in:
Christoph
2025-08-03 01:12:45 +02:00
parent dc048a6d88
commit f1400dd087
2 changed files with 94 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
README.apache-formspam Normal file
View File

@ -0,0 +1,50 @@
# ---
# README..apache-formspam
# ---
# Es sollen bestimmte POST requests abgesichert werden.
#
# abzusichernde Formularseiten:
#
# /suche/
# /profile/register.php
# /profile/forgotPassword.php
# /abo-service/kuendigung.php
#
# Filterdatei /etc/fail2ban/filter.d/apache-formspam.conf
#
cat <<'EOF' > /etc/fail2ban/filter.d/apache-formspam.conf
[Definition]
failregex = ^<HOST> - .* "POST (/suche/|/profile/register\.php|/profile/forgotPassword\.php|/abo-service/kuendigung\.php) HTTP/.*"
ignoreregex =
EOF
# Jail-Konfiguration: /etc/fail2ban/jail.d/apache-formspam.conf
#
cat <<'EOF' > /etc/fail2ban/jail.d/apache-formspam.conf
[apache-formspam]
enabled = true
filter = apache-formspam
logpath = /var/log/apache2/nd-aktuell-access.log
maxretry = 100
findtime = 600
bantime = 1800
EOF
# Filter testen
#
fail2ban-regex /var/log/apache2/nd-aktuell-access.log /etc/fail2ban/filter.d/apache-formspam.conf
# fail2ban neu laden
#
systemctl restart fail2ban
# Status prüfen:
#
fail2ban-client status apache-formspam