Mercurial > repos > other > Puppet

annotate common/fail2ban/ibb-apache-shellshock.conf @ 284:9431aec4d998

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Switch to using IPv6 prefix and IP per site This is because the proxy seems to break SNI, so we need an IP per SSL cert. We're not short of IPv6 addresses, though! Also corrected to "4to6" naming, because we're letting IPv4 access an IPv6 site
author IBBoard <dev@ibboard.co.uk>
date Sun, 16 Feb 2020 12:07:35 +0000
parents b7c30595c97a
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
6
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
1 # Fail2Ban configuration file
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
2 #
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
3 # Author: IBBoard
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
4
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
5 [Definition]
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
6
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
7 # Option: failregex
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
8 # Notes.: regex to match Shellshock attempts against Apache
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
9 # Values: TEXT
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
10 #
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
11 failregex = <HOST>.*\(\s*\)\s*\{[^"]*\}\s*\;[^"]+
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
12
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
13 # Option: ignoreregex
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
14 # Notes.: regex to ignore. If this regex matches, the line is ignored.
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
15 # Values: TEXT
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
16 #
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
17 ignoreregex =