File tree 3 files changed +22
-3
lines changed
3 files changed +22
-3
lines changed Original file line number Diff line number Diff line change 105
105
end
106
106
107
107
fail2ban_filter "apache-forbidden" do
108
- failregex '^<ADDR> .* "[^"]*" 403 .*$'
108
+ action :delete
109
109
end
110
110
111
111
fail2ban_jail "apache-forbidden" do
112
- filter "apache-forbidden"
113
- logpath "/var/log/apache2/access.log"
112
+ action :delete
113
+ end
114
+
115
+ fail2ban_filter "apache-evasive" do
116
+ failregex "^Blacklisting address <ADDR>: possible DoS attack\. $"
117
+ end
118
+
119
+ fail2ban_jail "apache-evasive" do
120
+ filter "apache-evasive"
121
+ backend "systemd"
122
+ journalmatch "SYSLOG_IDENTIFIER=mod_evasive"
114
123
ports [ 80 , 443 ]
115
124
findtime "1m"
116
125
maxretry 50
Original file line number Diff line number Diff line change 23
23
24
24
property :jail , :kind_of => String , :name_property => true
25
25
property :filter , :kind_of => String
26
+ property :backend , :kind_of => String
27
+ property :journalmatch , :kind_of => String
26
28
property :logpath , :kind_of => String
27
29
property :protocol , :kind_of => String
28
30
property :ports , :kind_of => Array , :default => [ ]
40
42
mode "644"
41
43
variables :name => new_resource . jail ,
42
44
:filter => new_resource . filter ,
45
+ :backend => new_resource . backend ,
46
+ :journalmatch => new_resource . journalmatch ,
43
47
:logpath => new_resource . logpath ,
44
48
:protocol => new_resource . protocol ,
45
49
:ports => new_resource . ports ,
Original file line number Diff line number Diff line change @@ -11,6 +11,12 @@ port = <%= @ports.join(",") %>
11
11
<% if @filter -%>
12
12
filter = <%= @filter %>
13
13
<% end -%>
14
+ <% if @backend -%>
15
+ backend = <%= @backend %>
16
+ <% end -%>
17
+ <% if @journalmatch -%>
18
+ journalmatch = <%= @journalmatch %>
19
+ <% end -%>
14
20
<% if @logpath -%>
15
21
logpath = <%= @logpath %>
16
22
<% end -%>
You can’t perform that action at this time.
0 commit comments