
Commit e7acc9e

committed Mar 11, 2024
Use fail2ban to block IPs getting repeated HTTP forbidden responses
1 parent 2c95278 commit e7acc9e

2 files changed

+13
-0
lines changed

‎cookbooks/apache/metadata.rb

+1
@@ -6,6 +6,7 @@
66

77
version "1.0.0"
88
supports "ubuntu"
9+
depends "fail2ban"
910
depends "munin"
1011
depends "prometheus"
1112
depends "ssl"

‎cookbooks/apache/recipes/default.rb

+12
@@ -17,6 +17,7 @@
1717
# limitations under the License.
1818
#
1919

20+
include_recipe "fail2ban"
2021
include_recipe "munin"
2122
include_recipe "prometheus"
2223
include_recipe "ssl"
@@ -98,6 +99,17 @@
9899
template "ssl.erb"
99100
end
100101

102+
fail2ban_filter "apache-forbidden" do
103+
failregex '^<ADDR> .* "[^"]*" 403 .*$'
104+
end
105+
106+
fail2ban_jail "apache-forbidden" do
107+
filter "apache-forbidden"
108+
logpath "/var/log/apache2/access.log"
109+
ports [80, 443]
110+
maxretry 50
111+
end
112+
101113
munin_plugin "apache_accesses"
102114
munin_plugin "apache_processes"
103115
munin_plugin "apache_volume"
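
Review bot: In the fail2ban_jail "apache-forbidden" block, maxretry 50 is set with no counting window or ban duration beside it, so how many 403s over what period trigger a ban, and for how long, depends on fail2ban defaults that are not visible in this change; if the resource accepts them, state both explicitly next to maxretry so the policy can be read from the recipe. In the failregex, the `.*` between <ADDR> and the quoted field is unanchored, so `"[^"]*" 403` can match at any quoted field on the line rather than only the request line; spelling out the fields that sit between the address and the request would keep the match on the status column. The jail also reads only /var/log/apache2/access.log, so any virtual host that logs to a different file is not covered.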
