Mercurial > repos > other > Puppet
view modules/fail2ban/files/ibb-apache-ip-block.conf @ 337:a79ad974a548
Implement fail2ban for Apache as mod_rewrite
We can't use pure iptables because IPv4 requests come through our
proxy. BUT we're using PROXY, so Apache sees the true IP.
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sat, 16 May 2020 14:05:09 +0100 |
parents | |
children | 3a1b19f6a054 |
line wrap: on
line source
# Custom IP blocking script for Apache # This deals with IPv4 and IPv6 on an IPv6-only server # with PROXY protocol support so we can see the originating # IPv4 address [Definition] actionstart = actionstop = actioncheck = actionban = /usr/local/bin/apache-ip-ban ban <ip> actionunban = /usr/local/bin/apache-ip-ban unban <ip>