對 WebServer-Apache 的保護


    版本為 14:51, 20 Nov 2024


    for PIAF

    jail.conf

    ...
    # Jail: ban clients whose failed HTTP authentication attempts are matched
    # in Apache's error log by the apache-auth filter.
    # NOTE(review): the section name says "tcpwrapper", but the actions below
    # are an iptables ban plus a notification mail; the name is only a label.
    [apache-tcpwrapper]
    
    enabled  = true
    filter   = apache-auth
    # NOTE(review): the stock iptables-allports action blocks the banned
    # address on every port of the given protocol, so "port=http" has no
    # effect there; confirm against your action.d/iptables-allports.conf.
    # Since a ban also cuts off SSH and other TCP services, list trusted
    # administration addresses in ignoreip before enabling this jail.
    action   = iptables-allports[name=APACHE, port=http, protocol=tcp]
               sendmail-whois[name=APACHE, dest=root@localhost, sender=fail2ban@pbx.dyndns.org]
    logpath  = /var/log/httpd/error_log
    # Three matching log lines trigger a ban; findtime and bantime are not
    # set here and are presumably inherited from [DEFAULT] (not shown).
    maxretry = 3
    ... 
    

    filter.d/apache-auth.conf

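    [Definition]
    
    # Option: failregex
    # Notes.: regex to match the password failure messages in the logfile. The
    # host must be matched by a group named "host". The tag "<HOST>" can
    # be used for standard IP/hostname matching and is only an alias for
    # (?:::f{4,6}:)?(?P<host>\S+)
    # Values: TEXT
    #
    # One pattern per line. Every line after the first must be indented,
    # otherwise the config parser does not read it as part of failregex.
    #
    # Each pattern is anchored with "^" to the "[date] [error] [client IP]"
    # prefix that Apache itself writes. Text later in the line (user name,
    # requested path) comes from the request; an unanchored pattern could match
    # a look-alike "[client ...]" string there and ban an unrelated address.
    #
    # NOTE(review): assumes Apache 2.2-style error_log lines; a different log
    # format needs a different prefix. Check against the real log with
    # fail2ban-regex before enabling the jail.
    # The original "user .* not found.*" entry duplicated "user .* not found"
    # and is omitted.
    failregex = ^\[[^]]*\] \[error\] \[client <HOST>\] user .* authentication failure
                ^\[[^]]*\] \[error\] \[client <HOST>\] user .* not found
                ^\[[^]]*\] \[error\] \[client <HOST>\] user .* password mismatch
                ^\[[^]]*\] \[error\] \[client <HOST>\] user .* Password Mismatch
                ^\[[^]]*\] \[error\] \[client <HOST>\] access .* failed, .*
    
    # Option: ignoreregex
    # Notes.: regex to ignore. If this regex matches, the line is ignored.
    # Values: TEXT
    #
    ignoreregex =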