diff --git a/conf/fail2ban/jail.local b/conf/fail2ban/jail.local index dd0842d1..53a6a08a 100644 --- a/conf/fail2ban/jail.local +++ b/conf/fail2ban/jail.local @@ -71,7 +71,7 @@ action = iptables-allports[name=recidive] # enabled = true # filter = owncloud # action = sendmail-whois-lines[name=owncloud, dest="@.,@.,fail2ban@blocklist.de", sender=fail2ban@box.., sendername="Fail2Ban"] -# logpath = /home/user-data/owncloud/owncloud.log +# logpath = STORAGE_ROOT/owncloud/owncloud.log # maxretry = 20 # findtime = 300 # bantime = 300 @@ -99,7 +99,7 @@ enabled = true port = http,https filter = miab-owncloud # action = sendmail-whois-lines[name=miab-owncloud, dest="@.,@.,fail2ban@blocklist.de", sender=fail2ban@box.., sendername="Fail2Ban"] -logpath = /home/user-data/owncloud/owncloud.log +logpath = STORAGE_ROOT/owncloud/owncloud.log maxretry = 20 findtime = 30 diff --git a/conf/fail2ban/owncloud.conf b/conf/fail2ban/owncloud.conf new file mode 100644 index 00000000..c62763d0 --- /dev/null +++ b/conf/fail2ban/owncloud.conf @@ -0,0 +1,8 @@ +[INCLUDES] +before = common.conf + +[Definition] +_daemon = owncloud + +failregex = {"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: ''\)","level":2,"time":".*","method":".*} +ignoreregex = diff --git a/setup/system.sh b/setup/system.sh index 57d6aec2..86234213 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -321,6 +321,7 @@ cp conf/fail2ban/miab-munin.conf /etc/fail2ban/filter.d/miab-munin.conf cp conf/fail2ban/miab-owncloud.conf /etc/fail2ban/filter.d/miab-owncloud.conf cp conf/fail2ban/miab-postfix-submission.conf /etc/fail2ban/filter.d/miab-postfix-submission.conf cp conf/fail2ban/miab-roundcube.conf /etc/fail2ban/filter.d/miab-roundcube.conf +cp conf/fail2ban/owncloud.conf /etc/fail2ban/filter.d/owncloud.conf restart_service fail2ban