Mercurial > repos > other > Puppet

diff common/fail2ban/jail.local @ 187:6c260427a94c puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Reduce Apache Instaban ban duration to reduce reboot time We're getting flooded with hundreds of failures per day, which keeps nearly 1000 entries in Fail2Ban, which then "unbans" each and every IP on stop. As the system only does a few unbans per second then this can take three minutes to stop (e.g. at shutdown)! May need to alter "repeat offender" in future
author IBBoard <dev@ibboard.co.uk>
date Sat, 02 Feb 2019 16:30:40 +0000
parents c76ba5e3685f
children 3c03d3d03656
line wrap: on
line diff
--- a/common/fail2ban/jail.local	Tue Jan 08 20:13:18 2019 +0000
+++ b/common/fail2ban/jail.local	Sat Feb 02 16:30:40 2019 +0000
@@ -35,8 +35,8 @@
 filter   = ibb-apache-exploits-instaban
 action   = firewall-ban[name=ApacheInstaban,chain=Fail2Ban,port="80,443"]
 logpath  = /var/log/apache/access_*.log
-findtime = 604800
-bantime  = 604800
+findtime = 86400
+bantime  = 86400
 
 [apache-auth]
 enabled  = true