* fail2ban ssh/ssh-ddos and sasl are now sshd and postfix-sasl * specified custom datepattern for miab-owncloud.conf
This commit is contained in:
jvolkenant
Joshua Tauberer
parent
c7659d9053
commit
c60e3dc842
|
|
@ -1,6 +1,13 @@
|
|||
CHANGELOG
|
||||
=========
|
||||
|
||||
In Development
|
||||
--------------
|
||||
|
||||
System:
|
||||
|
||||
* Missing brute force login attack prevention (fail2ban) filters which stopped working on Ubuntu 18.04 were added back.
|
||||
|
||||
v0.40 (January 12, 2019)
|
||||
------------------------
|
||||
|
||||
|
|
|
|||
|
|
@ -3,5 +3,6 @@
|
|||
before = common.conf
|
||||
|
||||
[Definition]
|
||||
datepattern = %%Y-%%m-%%d %%H:%%M:%%S
|
||||
failregex=Login failed: .*Remote IP: '<HOST>[\)']
|
||||
ignoreregex =
|
||||
|
|
|
|||
|
|
@ -69,13 +69,10 @@ action = iptables-allports[name=recidive]
|
|||
# So the notification is ommited. This will prevent message appearing in the mail.log that mail
|
||||
# can't be delivered to fail2ban@$HOSTNAME.
|
||||
|
||||
[sasl]
|
||||
[postfix-sasl]
|
||||
enabled = true
|
||||
|
||||
[ssh]
|
||||
[sshd]
|
||||
enabled = true
|
||||
maxretry = 7
|
||||
bantime = 3600
|
||||
|
||||
[ssh-ddos]
|
||||
enabled = true
|
||||
|
|
|
|||
|
|
@ -339,6 +339,7 @@ systemctl restart systemd-resolved
|
|||
|
||||
# Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix, ssh, etc.
|
||||
rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore
|
||||
rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config
|
||||
cat conf/fail2ban/jails.conf \
|
||||
| sed "s/PUBLIC_IP/$PUBLIC_IP/g" \
|
||||
| sed "s#STORAGE_ROOT#$STORAGE_ROOT#" \
|
||||
|
|
|
|||
Loading…
Reference in New Issue