We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent 2c95278 commit e7acc9eCopy full SHA for e7acc9e
cookbooks/apache/metadata.rb
@@ -6,6 +6,7 @@
6
7
version "1.0.0"
8
supports "ubuntu"
9
+depends "fail2ban"
10
depends "munin"
11
depends "prometheus"
12
depends "ssl"
cookbooks/apache/recipes/default.rb
@@ -17,6 +17,7 @@
17
# limitations under the License.
18
#
19
20
+include_recipe "fail2ban"
21
include_recipe "munin"
22
include_recipe "prometheus"
23
include_recipe "ssl"
@@ -98,6 +99,17 @@
98
99
template "ssl.erb"
100
end
101
102
+fail2ban_filter "apache-forbidden" do
103
+ failregex '^<ADDR> .* "[^"]*" 403 .*$'
104
+end
105
+
106
+fail2ban_jail "apache-forbidden" do
107
+ filter "apache-forbidden"
108
+ logpath "/var/log/apache2/access.log"
109
+ ports [80, 443]
110
+ maxretry 50
111
112
113
munin_plugin "apache_accesses"
114
munin_plugin "apache_processes"
115
munin_plugin "apache_volume"
0 commit comments