# Fail2Ban configuration file.
[DEFAULT]
ignoreip = 127.0.0.1 192.168.1.XXX
findtime = 300
bantime = 3200
#600
maxretry = 3
backend = polling
destemail = root@localhost
banaction = iptables-multiport
mta = sendmail
protocol = tcp
# ACTIONS
action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s]
action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s]
%(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s]
action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s]
%(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s]
action = %(action_mwl)s
# JAILS
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 6
[ftp-vservers]
enabled = true
port = ftp,ftp-data,ftps,ftps-data
filter = proftpd
logpath = /var/lib/vservers/vMonServeur/var/log/proftpd/proftpd.log
#maxretry = 5
#action = iptables[name=ProFTPD, port=ftp, protocol=tcp]
[apache-vservers]
enabled = true
port = http,https
filter = apache-auth
logpath = /var/lib/vservers/vMonServeur/var/log/apache*/*error.log
maxretry = 5
#action = hostsdeny
Partager