external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-08-15 06:10:55 +00:00
Code Issues Releases Wiki Activity

Merge branch 'master' into nextcloud-14

Browse Source
This commit is contained in:
Yoann Colin 2019-02-02 11:43:14 +01:00 committed by GitHub
commit 04a4cc7b96
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGELOG.md
View File

@ -1,9 +1,13 @@
CHANGELOG CHANGELOG
========= =========
In development In Development
-------------- --------------
System:
* Missing brute force login attack prevention (fail2ban) filters which stopped working on Ubuntu 18.04 were added back.
Contacts/Calendar: Contacts/Calendar:
* Upgraded Nextcloud from 13.0.6 to 14.0.6. * Upgraded Nextcloud from 13.0.6 to 14.0.6.

1
conf/fail2ban/filter.d/miab-owncloud.conf
View File

@ -3,5 +3,6 @@
before = common.conf before = common.conf
[Definition] [Definition]
datepattern = %%Y-%%m-%%d %%H:%%M:%%S
failregex=Login failed: .*Remote IP: '<HOST>[\)'] failregex=Login failed: .*Remote IP: '<HOST>[\)']
ignoreregex = ignoreregex =

7
conf/fail2ban/jails.conf
View File

@ -69,13 +69,10 @@ action = iptables-allports[name=recidive]
# So the notification is ommited. This will prevent message appearing in the mail.log that mail # So the notification is ommited. This will prevent message appearing in the mail.log that mail
# can't be delivered to fail2ban@$HOSTNAME. # can't be delivered to fail2ban@$HOSTNAME.
[sasl] [postfix-sasl]
enabled = true enabled = true
[ssh] [sshd]
enabled = true enabled = true
maxretry = 7 maxretry = 7
bantime = 3600 bantime = 3600
[ssh-ddos]
enabled = true

1
setup/system.sh
View File

@ -339,6 +339,7 @@ systemctl restart systemd-resolved
# Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix, ssh, etc. # Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix, ssh, etc.
rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore
rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config
cat conf/fail2ban/jails.conf \ cat conf/fail2ban/jails.conf \
| sed "s/PUBLIC_IP/$PUBLIC_IP/g" \ | sed "s/PUBLIC_IP/$PUBLIC_IP/g" \
| sed "s#STORAGE_ROOT#$STORAGE_ROOT#" \ | sed "s#STORAGE_ROOT#$STORAGE_ROOT#" \