Initial
This commit is contained in:
Alexey Berezhok
9
install/rpm/fail2ban/action.d/hestia.conf
Normal file
9
install/rpm/fail2ban/action.d/hestia.conf
Normal file
@@ -0,0 +1,9 @@
|
||||
# Fail2Ban configuration file for hestia
|
||||
|
||||
[Definition]
|
||||
|
||||
actionstart = /usr/local/hestia/bin/v-add-firewall-chain <name>
|
||||
actionstop = /usr/local/hestia/bin/v-delete-firewall-chain <name>
|
||||
actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-<name>[ \t]'
|
||||
actionban = /usr/local/hestia/bin/v-add-firewall-ban <ip> <name>
|
||||
actionunban = /usr/local/hestia/bin/v-delete-firewall-ban <ip> <name>
|
||||
10
install/rpm/fail2ban/filter.d/hestia.conf
Normal file
10
install/rpm/fail2ban/filter.d/hestia.conf
Normal file
@@ -0,0 +1,10 @@
|
||||
# Fail2Ban filter for unsuccessful hestia authentication attempts
|
||||
#
|
||||
|
||||
[INCLUDES]
|
||||
before = common.conf
|
||||
|
||||
[Definition]
|
||||
failregex = .* <HOST> failed to login
|
||||
ignoreregex =
|
||||
|
||||
66
install/rpm/fail2ban/jail.local
Normal file
66
install/rpm/fail2ban/jail.local
Normal file
@@ -0,0 +1,66 @@
|
||||
[ssh-iptables]
|
||||
enabled = true
|
||||
filter = sshd
|
||||
action = hestia[name=SSH]
|
||||
logpath = /var/log/secure
|
||||
maxretry = 5
|
||||
|
||||
[vsftpd-iptables]
|
||||
enabled = false
|
||||
filter = vsftpd
|
||||
action = hestia[name=FTP]
|
||||
logpath = /var/log/vsftpd.log
|
||||
maxretry = 5
|
||||
|
||||
[exim-iptables]
|
||||
enabled = true
|
||||
filter = exim
|
||||
action = hestia[name=MAIL]
|
||||
logpath = /var/log/exim/main.log
|
||||
|
||||
[dovecot-iptables]
|
||||
enabled = true
|
||||
filter = dovecot
|
||||
action = hestia[name=MAIL]
|
||||
logpath = /var/log/dovecot.log
|
||||
|
||||
[mysqld-iptables]
|
||||
enabled = false
|
||||
filter = mysqld-auth
|
||||
action = hestia[name=DB]
|
||||
logpath = /var/log/mysql/error.log
|
||||
maxretry = 5
|
||||
|
||||
[hestia-iptables]
|
||||
enabled = true
|
||||
filter = hestia
|
||||
action = hestia[name=HESTIA]
|
||||
logpath = /var/log/hestia/secure
|
||||
maxretry = 5
|
||||
|
||||
[roundcube-auth]
|
||||
enabled = false
|
||||
filter = roundcube-auth
|
||||
action = hestia[name=WEB]
|
||||
logpath = /var/log/roundcube/errors
|
||||
maxretry = 5
|
||||
|
||||
[phpmyadmin-auth]
|
||||
enabled = true
|
||||
filter = phpmyadmin-syslog
|
||||
action = hestia[name=WEB]
|
||||
logpath = /var/log/secure
|
||||
maxretry = 5
|
||||
|
||||
[recidive]
|
||||
enabled = true
|
||||
filter = recidive
|
||||
action = hestia[name=HESTIA]
|
||||
logpath = /var/log/fail2ban.log
|
||||
maxretry = 5
|
||||
findtime = 86400
|
||||
bantime = 864000
|
||||
|
||||
#Uncomment and add your IPs and or domains to the Whitelist
|
||||
#[DEFAULT]
|
||||
#ignoreip = 111.111.111.111 222.222.222.222 subdomain.example.tld example.tld 333.333.333.333
|
||||
Reference in New Issue
Block a user