Fail2ban: differences between versions

bantime = 600
action = iptables[name=HTTP, port=http, protocol=tcp]
</pre>
We then need to create the rule for the only filter missing from the package installed from the repositories:
<pre>
# nano /etc/fail2ban/filter.d/http-get-dos.conf
</pre>
with this content:
<pre>
# Fail2Ban configuration file
[Definition]
# Option: failregex
# Note: This regex matches any GET or POST entry in your logs, so both valid and invalid requests are a match.
# Set maxretry and findtime carefully in the jail.conf file to avoid false positives.
failregex = ^<HOST> -.*"(GET|POST).*
# Option: ignoreregex
ignoreregex =
</pre>
Save and restart:
<pre>
# systemctl restart fail2ban
</pre>
</pre>
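Added example (not part of the original page): a Python sketch of how the failregex above interacts with maxretry and findtime, run over a constructed access log, to show why a low threshold also bans an ordinary page load. The maxretry and findtime values, the simplified IPv4 stand-in for `<HOST>`, and the function names are assumptions for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# The page's failregex, with fail2ban's <HOST> tag replaced by a simplified
# IPv4 capture group (assumption: the real <HOST> expansion is broader).
FAILREGEX = re.compile(r'^(?P<host>\d{1,3}(?:\.\d{1,3}){3}) -.*"(GET|POST).*')
TIMESTAMP = re.compile(r'\[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}:\d{2})')


def hosts_to_ban(lines, maxretry, findtime):
    """Return hosts that reach maxretry matches within findtime seconds."""
    window = timedelta(seconds=findtime)
    hits = defaultdict(deque)
    banned = []
    for line in lines:
        m, ts = FAILREGEX.match(line), TIMESTAMP.search(line)
        if not m or not ts:
            continue
        when = datetime.strptime(ts.group(1), "%d/%b/%Y:%H:%M:%S")
        q = hits[m.group("host")]
        q.append(when)
        while when - q[0] > window:  # drop matches older than findtime
            q.popleft()
        if len(q) >= maxretry and m.group("host") not in banned:
            banned.append(m.group("host"))
    return banned


def sample_log():
    """Constructed access log: one flooding client, one normal page load."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    fmt = '{ip} - - [{t} +0000] "{req} HTTP/1.1" 200 512'
    lines = []
    # 192.0.2.10: 40 requests in 4 seconds (10 per second).
    for i in range(40):
        t = (base + timedelta(seconds=i // 10)).strftime("%d/%b/%Y:%H:%M:%S")
        lines.append(fmt.format(ip="192.0.2.10", t=t, req="GET /"))
    # 198.51.100.7: a page plus 11 assets over 2 seconds, then idle.
    for i in range(12):
        t = (base + timedelta(seconds=i // 6)).strftime("%d/%b/%Y:%H:%M:%S")
        lines.append(fmt.format(ip="198.51.100.7", t=t, req=f"GET /asset{i}.css"))
    return lines


if __name__ == "__main__":
    log = sample_log()
    print("maxretry=10:", hosts_to_ban(log, maxretry=10, findtime=60))
    print("maxretry=30:", hosts_to_ban(log, maxretry=30, findtime=60))
```

With the lower threshold the client that only loaded one page and its assets is banned as well; raising maxretry above a normal page's request count keeps only the flooding host.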