bayrepo/hestiacp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial

Browse Source
This commit is contained in:
Alexey Berezhok
2024-03-19 22:05:27 +03:00
commit 346a50856b
1572 changed files with 182163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
install/deb/fail2ban/action.d/hestia.conf Normal file
View File

@@ -0,0 +1,9 @@
# Fail2Ban configuration file for hestia
[Definition]
actionstart = /usr/local/hestia/bin/v-add-firewall-chain <name>
actionstop = /usr/local/hestia/bin/v-delete-firewall-chain <name>
actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-<name>[ \t]'
actionban = /usr/local/hestia/bin/v-add-firewall-ban <ip> <name>
actionunban = /usr/local/hestia/bin/v-delete-firewall-ban <ip> <name>

10
install/deb/fail2ban/filter.d/hestia.conf Normal file
View File

@@ -0,0 +1,10 @@
# Fail2Ban filter for unsuccessful hestia authentication attempts
#
[INCLUDES]
before = common.conf
[Definition]
failregex = .* <HOST> failed to login
ignoreregex =

66
install/deb/fail2ban/jail.local Normal file
View File

@@ -0,0 +1,66 @@
[ssh-iptables]
enabled = true
filter = sshd
action = hestia[name=SSH]
logpath = /var/log/auth.log
maxretry = 5
[vsftpd-iptables]
enabled = false
filter = vsftpd
action = hestia[name=FTP]
logpath = /var/log/vsftpd.log
maxretry = 5
[exim-iptables]
enabled = true
filter = exim
action = hestia[name=MAIL]
logpath = /var/log/exim4/mainlog
[dovecot-iptables]
enabled = true
filter = dovecot
action = hestia[name=MAIL]
logpath = /var/log/dovecot.log
[mysqld-iptables]
enabled = false
filter = mysqld-auth
action = hestia[name=DB]
logpath = /var/log/mysql/error.log
maxretry = 5
[hestia-iptables]
enabled = true
filter = hestia
action = hestia[name=HESTIA]
logpath = /var/log/hestia/auth.log
maxretry = 5
[roundcube-auth]
enabled = false
filter = roundcube-auth
action = hestia[name=WEB]
logpath = /var/log/roundcube/errors.log
maxretry = 5
[phpmyadmin-auth]
enabled = true
filter = phpmyadmin-syslog
action = hestia[name=WEB]
logpath = /var/log/auth.log
maxretry = 5
[recidive]
enabled = true
filter = recidive
action = hestia[name=RECIDIVE]
logpath = /var/log/fail2ban.log
maxretry = 5
findtime = 86400
bantime = 864000
#Uncomment and add your IPs and or domains to the Whitelist
#[DEFAULT]
#ignoreip = 111.111.111.111 222.222.222.222 subdomain.example.tld example.tld 333.333.333.333