Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Fail2Ban configuration file
- #
- #
- #
- # The DEFAULT allows a global definition of the options. They can be override
- # in each jail afterwards.
- [DEFAULT]
- # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
- # ban a host which matches an address in this list. Several addresses can be
- # defined using space separator.
- ignoreip = 127.0.0.1 216.70.86.196
- bantime = 86400
- findtime = 300
- maxretry = 5
- backend = auto
- usedns = yes
- #Filters
- [ssh-iptables]
- enabled = true
- filter = sshd
- action = iptables[name=SSH, port=22149, protocol=tcp]
- sendmail-whois[name=SSH, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
- logpath = /var/log/secure
- [proftpd-iptables]
- enabled = true
- filter = proftpd
- action = iptables-multiport[name= ProFTPD, port="ftp,ftps", protocol=tcp]
- sendmail-whois[name=ProFTPD, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
- logpath = /var/log/secure
- [smtp-iptables]
- enabled = true
- filter = smtp
- backend = polling
- action = iptables[name=smtp, port=smtp, protocol=tcp]
- sendmail-whois[name=smtp, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
- logpath = /usr/local/psa/var/log/maillog
- bantime = 300
- [courierlogin-pop3-iptables]
- enabled = true
- filter = courierlogin
- action = iptables[name=courierlogin, port=pop3, protocol=tcp]
- sendmail-whois[name=courierlogin, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
- logpath = /usr/local/psa/var/log/maillog
- bantime = 300
- [courierlogin-imap-iptables]
- enabled = true
- filter = courierlogin
- action = iptables[name=courierlogin, port=imap, protocol=tcp]
- sendmail-whois[name=courierlogin, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
- logpath = /usr/local/psa/var/log/maillog
- bantime = 300
- [wplogin-iptables]
- enabled = true
- filter = wplogin
- action = iptables-multiport[name=apache-wplogin, port="http,https", protocol=tcp]
- sendmail-whois[name=courierlogin, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
- logpath = /var/www/vhosts/*/statistics/logs/access_log
- maxretry = 7
- findtime = 120
- bantime = 300
- [xmlrpc-iptables]
- enabled = false
- filter = xmlrpc
- action = iptables-multiport[name=apache-xmlrpc, port="http,https", protocol=tcp]
- sendmail-whois[name=apache-xmlrpc, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
- logpath = /var/www/vhosts/*/statistics/logs/access_log
- maxretry = 4
- findtime = 60
- bantime = 300
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement