4 069
contributi
Fail2ban: differenze tra le versioni
→Apache mod_security
Nessun oggetto della modifica |
|||
| Riga 99: | Riga 99: | ||
</pre> | </pre> | ||
=== Apache | === Apache === | ||
Aggiungere in <code>/etc/fail2ban/jail.d/jail.local i seguenti filtri: | |||
<pre> | <pre> | ||
# | ##To block failed login attempts use the below jail. | ||
[apache] | |||
[ | enabled = true | ||
port = http,https | |||
filter = apache-auth | |||
logpath = /var/log/apache2/*error.log | |||
maxretry = 3 | |||
bantime = 600 | |||
##To block the remote host that is trying to request suspicious URLs, use the below jail. | |||
[ | [apache-overflows] | ||
enabled = true | |||
port = http,https | |||
filter = apache-overflows | |||
logpath = /var/log/apache2/*error.log | |||
maxretry = 3 | |||
bantime = 600 | |||
##To block the remote host that is trying to search for scripts on the website to execute, use the below jail. | |||
[apache-noscript] | |||
enabled = true | |||
port = http,https | |||
filter = apache-noscript | |||
logpath = /var/log/apache2/*error.log | |||
maxretry = 3 | |||
bantime = 600 | |||
##To block the remote host that is trying to request malicious bot, use below jail. | |||
[apache-badbots] | |||
enabled = true | enabled = true | ||
port = http,https | |||
filter = apache-badbots | |||
logpath = /var/log/apache2/*error.log | |||
logpath = /var/log/ | |||
maxretry = 3 | maxretry = 3 | ||
bantime = 600 | |||
##To stop DOS attack from remote host. | |||
[http-get-dos] | |||
enabled = true | |||
port = http,https | |||
filter = http-get-dos | |||
logpath = /var/log/apache*/access.log | |||
maxretry = 400 | |||
findtime = 400 | |||
bantime = 600 | |||
action = iptables[name=HTTP, port=http, protocol=tcp] | |||
</pre> | </pre> | ||