Mercurial > repos > other > Puppet

annotate common/fail2ban/ibb-apache-shellshock.conf @ 216:436be6e59198 puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Blacklist more username probes, including: * numbers * abc123 * botmaster * root with numbers * wp-user (who even runs Wordpress under its own user?)
author IBBoard <dev@ibboard.co.uk>
date Sat, 03 Aug 2019 09:54:10 +0100
parents b7c30595c97a
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
6
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
1 # Fail2Ban configuration file
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
2 #
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
3 # Author: IBBoard
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
4
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
5 [Definition]
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
6
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
7 # Option: failregex
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
8 # Notes.: regex to match Shellshock attempts against Apache
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
9 # Values: TEXT
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
10 #
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
11 failregex = <HOST>.*\(\s*\)\s*\{[^"]*\}\s*\;[^"]+
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
12
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
13 # Option: ignoreregex
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
14 # Notes.: regex to ignore. If this regex matches, the line is ignored.
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
15 # Values: TEXT
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
16 #
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
17 ignoreregex =