From 9fb1fe4b7536f01d7796b32fb28b1029a1398c48 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Fri, 24 Jul 2015 09:11:03 +0200 Subject: [PATCH] ENable more apache jails --- .../etc/fail2ban/jail.conf/30Service25httpd | 33 ++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd index 16d7d84..93c15dc 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd @@ -55,4 +55,37 @@ EOF $OUT .= " smeserver-sendmail[name=\"Apache (auth)\",dest=$maildest]\n" if ($mail eq 'enabled'); + +[http-badbots] +enabled = true +filter = apache-badbots +logpath = /var/log/httpd/error_log +action = smeserver-iptables[port="$port",protocol=tcp,bantime=$bantime] +EOF + +$OUT .= " smeserver-sendmail[name=\"Apache (badbots)\",dest=$maildest]\n" + if ($mail eq 'enabled'); + +[http-shellshock] +enabled = true +filter = apache-shellshock +logpath = /var/log/httpd/error_log +action = smeserver-iptables[port="$port",protocol=tcp,bantime=$bantime] +EOF + +$OUT .= " smeserver-sendmail[name=\"Apache (shellshock)\",dest=$maildest]\n" + if ($mail eq 'enabled'); + +[http-fakegooglebot] +enabled = true +filter = apache-fakegooglebot +logpath = /var/log/httpd/error_log +action = smeserver-iptables[port="$port",protocol=tcp,bantime=$bantime] +EOF + +$OUT .= " smeserver-sendmail[name=\"Apache (fakegooglebot)\",dest=$maildest]\n" + if ($mail eq 'enabled'); + + + }