Fail2ban: Difference between revisions

From Han Wiki
Jump to navigation Jump to search
iwu
 
mNo edit summary
 
(One intermediate revision by the same user not shown)
Line 4: Line 4:


<code>/etc/fail2ban/filter.d/httpd-ban.conf</code>:
<code>/etc/fail2ban/filter.d/httpd-ban.conf</code>:
<syntaxhighlight lang="conf">
<syntaxhighlight lang="linux-config">
[Definition]
[Definition]
failregex = ^<HOST> .*
failregex = ^<HOST> .*
Line 12: Line 12:


<code>/etc/fail2ban/jail.d/cutomisation.local</code>:
<code>/etc/fail2ban/jail.d/cutomisation.local</code>:
<syntaxhighlight lang="conf">
<syntaxhighlight lang="linux-config">
[httpd]
[httpd]
enabled = true
enabled = true
Line 23: Line 23:
Ban an IP from accessing any of the websites
Ban an IP from accessing any of the websites
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
# fail2ban-client set httpd banip 81.19.140.244
$ sudo fail2ban-client set httpd banip 81.19.140.244
</syntaxhighlight>
</syntaxhighlight>

Latest revision as of 08:16, 19 September 2024

Create a new jail named httpd

/etc/fail2ban/filter.d/httpd-ban.conf: 

[Definition]
failregex = ^<HOST> .*
ignoreregex =


/etc/fail2ban/jail.d/cutomisation.local: 

[httpd]
enabled = true
filter = httpd-ban
port = http,https
logpath = %(nginx_error_log)s


Ban an IP from accessing any of the websites 

$ sudo fail2ban-client set httpd banip 81.19.140.244
Retrieved from "https://wiki.michaelhan.net/index.php?title=Fail2ban&oldid=4444"