Fail2ban config start: The Chicken first
1 files modified
2 files added
| | |
|---|
| | | if(is_installed('squid')) $conf['squid']['installed'] = true; |
|---|
| | | if(is_installed('nginx')) $conf['nginx']['installed'] = true; |
|---|
| | | if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true; |
|---|
| | | if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true; |
|---|
| | | if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true; |
|---|
| | | |
|---|
| | | if ($conf['services']['web'] && $conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) $this->ispconfig_interface_installed = true; |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | ?> |
|---|
| | | ?> |
|---|
| New file |
| | |
|---|
| | | [Definition] |
|---|
| | | failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P<host>\S*),.* |
|---|
| | | ignoreregex = |
|---|
| New file |
| | |
|---|
| | | [dovecot-pop3imap] |
|---|
| | | enabled = true |
|---|
| | | filter = dovecot-pop3imap |
|---|
| | | action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp] |
|---|
| | | # optionaly mail notification # mail[name=dovecot-pop3imap, dest=root@domain] # see /etc/fail2ban/action.d/ or Fail2Ban doc |
|---|
| | | logpath = /var/log/maillog |
|---|
| | | maxretry = 20 |
|---|
| | | findtime = 1200 |
|---|
| | | bantime = 1200 |
|---|
| | | |
|---|
