Untitled

1. # Fail2Ban configuration file
2. #
3. #
4. #
5.  
6. # The DEFAULT allows a global definition of the options. They can be override
7. # in each jail afterwards.
8.  
9. [DEFAULT]
10.  
11. # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
12. # ban a host which matches an address in this list. Several addresses can be
13. # defined using space separator.
14. ignoreip = 127.0.0.1 216.70.86.196
15. bantime  = 86400
16. findtime  = 300
17. maxretry = 5
18. backend = auto
19. usedns = yes
20.  
21. #Filters
22.  
23. [ssh-iptables]
24.  
25. enabled  = true
26. filter   = sshd
27. action   = iptables[name=SSH, port=22149, protocol=tcp]
28.            sendmail-whois[name=SSH, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
29. logpath  = /var/log/secure
30.  
31. [proftpd-iptables]
32.  
33. enabled  = true
34. filter   = proftpd
35. action   = iptables-multiport[name= ProFTPD, port="ftp,ftps", protocol=tcp]
36.            sendmail-whois[name=ProFTPD, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
37. logpath  = /var/log/secure
38.  
39. [smtp-iptables]
40.  
41. enabled  = true
42. filter   = smtp
43. backend  = polling
44. action   = iptables[name=smtp, port=smtp, protocol=tcp]
45.            sendmail-whois[name=smtp, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
46. logpath  = /usr/local/psa/var/log/maillog
47. bantime  = 300
48.  
49. [courierlogin-pop3-iptables]
50.  
51. enabled = true
52. filter = courierlogin
53. action = iptables[name=courierlogin, port=pop3, protocol=tcp]
54.          sendmail-whois[name=courierlogin, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
55. logpath = /usr/local/psa/var/log/maillog
56. bantime  = 300
57.  
58. [courierlogin-imap-iptables]
59.  
60. enabled = true
61. filter = courierlogin
62. action = iptables[name=courierlogin, port=imap, protocol=tcp]
63.          sendmail-whois[name=courierlogin, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
64. logpath = /usr/local/psa/var/log/maillog
65. bantime  = 300
66.  
67. [wplogin-iptables]
68. enabled = true
69. filter = wplogin
70. action = iptables-multiport[name=apache-wplogin, port="http,https", protocol=tcp]
71.          sendmail-whois[name=courierlogin, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
72. logpath = /var/www/vhosts/*/statistics/logs/access_log
73. maxretry = 7
74. findtime = 120
75. bantime = 300
76.  
77. [xmlrpc-iptables]
78. enabled = false
79. filter = xmlrpc
80. action = iptables-multiport[name=apache-xmlrpc, port="http,https", protocol=tcp]
81.          sendmail-whois[name=apache-xmlrpc, dest=pat@digitalrelativity.com, sender=fail2ban@outdoor.sy]
82. logpath = /var/www/vhosts/*/statistics/logs/access_log
83. maxretry = 4
84. findtime = 60
85. bantime = 300