install/fail2ban
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
fail2ban/0.8.6/jail.local
Christoph 4dbdf09dc9 Initial commit
2017-11-27 04:23:54 +01:00

145 lines
2.9 KiB
Plaintext
Raw Permalink Blame History

[DEFAULT]
#
# ACTIONS
#
# Default banning action (e.g. iptables, iptables-new,
# iptables-multiport, shorewall, etc) It is used to define
# action_* variables. Can be overridden globally or per
# section within jail.local file
banaction = iptables-multiport-log
mta = sendmail
## - Note:
## - sendmail-only-ban must be configured. See action.d/sendmail-only-ban.local
## -
action_m = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-only-ban_unban[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
## - Choose default action
## -
#action = %(action_m)s
action = %(action_)s
#
# JAILS
#
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
findtime = 600
maxretry = 3
bantime = 86400
[ssh-vservers]
enabled = true
port = ssh
filter = sshd
logpath = /vservers/*/var/log/auth.log
findtime = 600
maxretry = 3
bantime = 86400
[sasl]
enabled = true
port = smtp,ssmtp,submission
filter = sasl
logpath = /var/log/mail.warn
findtime = 600
maxretry = 3
bantime = 43200
## - MAC is sending 3 failed SASL requests before
## - authentication succeeded
## -
## - If running a mailserver, consider that fact!
## -
[sasl-vservers]
enabled = true
port = smtp,ssmtp,submission
filter = sasl
logpath = /vservers/*/var/log/mail.warn
findtime = 30
maxretry = 19
bantime = 10800
[postfix]
enabled = true
port = smtp,ssmtp
filter = postfix
logpath = /vservers/a.mx/var/log/mail.log
findtime = 60
maxretry = 1
bantime = 43200
[postfix-auth-dos]
enabled = true
port = smtp,ssmtp,submission
filter = postfix-auth-dos
logpath = /vservers/a.mx/var/log/mail.log
findtime = 60
maxretry = 60
bantime = 10800
[apache-badbots]
# Ban hosts which agent identifies spammer robots crawling the web
# for email addresses. The mail outputs are buffered.
enabled = true
port = http,https
filter = apache-badbots
logpath = /vservers/www/var/log/apache2/ipv4_requests.log
findtime = 10
maxretry = 1
bantime = 172800
[http-dos]
enabled = true
filter = http-dos
port = http,https
logpath = /vservers/*/var/log/apache2/ipv4_requests.log
maxretry = 600
findtime = 60
bantime = 43200
[wp-login]
enabled = true
filter = wp-login
port = http,https
logpath = /vservers/www/var/log/apache2/ipv4_requests.log
maxretry = 5
findtime = 60
bantime = 86400
[wp-xmlrpc]
enabled = true
filter = wp-xmlrpc
port = http,https
logpath = /vservers/*/var/log/apache2/ipv4_requests.log
maxretry = 5
findtime = 60
bantime = 43200
[owncloud]
enabled = true
filter = owncloud
port = http,https
logpath = /vservers/www/var/log/apache2/ipv4_requests.log
maxretry = 5
findtime = 30
bantime = 600
[pure-ftpd]
enabled = true
filter = pure-ftpd
port = ftp,ftp-data,ftps,ftps-data
logpath = /vservers/*/var/log/pure-ftpd/ftp.log
maxretry = 5
findtime = 600
bantime = 86400
Reference in New Issue View Git Blame Copy Permalink