mirror of https://github.com/fail2ban/fail2ban
Merge pull request #697 from jhmartin/monit_admin_hack
Block brute-force attempts against the Monit guipull/715/merge
commit
77ba065571
@ -0,0 +1,9 @@
|
|||||||
|
# Fail2Ban filter for monit.conf, looks for failed access attempts
|
||||||
|
#
|
||||||
|
#
|
||||||
|
|
||||||
|
[Definition]
|
||||||
|
|
||||||
|
failregex = ^\[[A-Z]+\s+\]\s*error\s*:\s*Warning:\s+Client '<HOST>' supplied unknown user '\w+' accessing monit httpd$
|
||||||
|
^\[[A-Z]+\s+\]\s*error\s*:\s*Warning:\s+Client '<HOST>' supplied wrong password for user '\w+' accessing monit httpd$
|
||||||
|
|
@ -0,0 +1,6 @@
|
|||||||
|
# failJSON: { "time": "2005-04-16T21:05:29", "match": true , "host": "69.93.127.111" }
|
||||||
|
[PDT Apr 16 21:05:29] error : Warning: Client '69.93.127.111' supplied unknown user 'foo' accessing monit httpd
|
||||||
|
|
||||||
|
# failJSON: { "time": "2005-04-16T20:59:33", "match": true , "host": "97.113.189.111" }
|
||||||
|
[PDT Apr 16 20:59:33] error : Warning: Client '97.113.189.111' supplied wrong password for user 'admin' accessing monit httpd
|
||||||
|
|
Loading…
Reference in new issue