Mercurial > repos > other > Puppet

view modules/fail2ban/files/ibb-apache-ip-block.conf @ 337:a79ad974a548

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implement fail2ban for Apache as mod_rewrite We can't use pure iptables because IPv4 requests come through our proxy. BUT we're using PROXY, so Apache sees the true IP.
author IBBoard <dev@ibboard.co.uk>
date Sat, 16 May 2020 14:05:09 +0100
parents
children 3a1b19f6a054
line wrap: on
line source

# Custom IP blocking script for Apache
# This deals with IPv4 and IPv6 on an IPv6-only server
# with PROXY protocol support so we can see the originating
# IPv4 address

[Definition]

actionstart =

actionstop =

actioncheck =

actionban = /usr/local/bin/apache-ip-ban ban <ip>

actionunban = /usr/local/bin/apache-ip-ban unban <ip>