Mercurial > repos > other > Puppet

view common/fail2ban/ibb-apache-exploits-access.conf @ 3:ea71652452e9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Give OpCache more memory and make sure that we refresh on config changes
author IBBoard <dev@ibboard.co.uk>
date Wed, 27 Aug 2014 12:57:47 +0000
parents 956e484adc12
children
line wrap: on
line source

# Fail2Ban configuration file
#
# Author: IBBoard

[Definition]
maxretry = 2

# Option:  failregex
# Notes.:  regex to match the password failure messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values:  TEXT
#
failregex = 	^<HOST> .*"(?:GET|HEAD|POST) .*/(?:scripts/setup\.php|newticket|phpMyAdmin-\d\.\d\.\d|(?:(?:php)?[Mm]y[Aa]dmin[0-9]?)|[Pp][Mm][Aa]|sql(?:admin|web|manager)?|roundcube|typo3|dbadmin)[^"]*" 40[024]
		^<HOST> .*"(?:GET|HEAD|POST) .*\.php/[^/"]+\.php
		^<HOST> .*"(?:GET|HEAD|POST) [^\?]+\?[^\?]+=http://[^&]+(?:(?:shell|bot).php|\?\?).*"
		^<HOST> .*"(?:GET|HEAD|POST) .*//wp-content/.*"
		^<HOST> .*"(?:GET|HEAD|POST) .*/wp-content/uploads/200[789]/.*"
		^<HOST> .*"(?:GET|HEAD|POST) /projects/[^/]+/[^"]+/newticket\ HTTP
		^<HOST> .*"(?:GET|HEAD|POST) .*/wp-content/plugins/[^"]*" 40[0-4]
		^<HOST> .*"(?:GET|HEAD|POST) [^"]*README[^"]*" 40[0-4]

# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =	^[^ ]+ - [^-]+
		/phpmyadmin/favicon.ico