fail2ban/config/filter.d
sebres a45b1c974c filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoid fail with timeout (default 1 minute) by reverse lookup on some slow DNS services (googlebots must be resolved fast);
closes gh-2951
2021-03-02 19:35:27 +01:00
..
ignorecommands filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoid fail with timeout (default 1 minute) by reverse lookup on some slow DNS services (googlebots must be resolved fast); 2021-03-02 19:35:27 +01:00
3proxy.conf
apache-auth.conf filter.d/apache-auth.conf: 2019-10-18 11:26:19 +02:00
apache-badbots.conf
apache-botsearch.conf
apache-common.conf filter.d/apache-auth.conf: 2019-10-18 11:26:19 +02:00
apache-fakegooglebot.conf
apache-modsecurity.conf updated 2019-04-24 21:35:19 +02:00
apache-nohome.conf
apache-noscript.conf filter.d/apache-noscript.conf: extended to match "script not found" with error AH02811 (and cgi-bin path segment in script) 2020-11-23 17:25:41 +01:00
apache-overflows.conf filter.d/apache-overflows.conf: extended to match AH00126 error (Invalid URI ...); 2021-01-11 15:10:53 +01:00
apache-pass.conf
apache-shellshock.conf
assp.conf
asterisk.conf filter.d/asterisk.conf: relaxing protocol RE-part before IP in RemoteAddress (gh-2531) 2019-09-26 21:46:26 +02:00
bitwarden.conf review and small tweaks (more precise and safe RE) 2020-11-09 13:43:59 +01:00
botsearch-common.conf
centreon.conf Add Centreon jail 2019-10-24 14:37:18 +02:00
common.conf filter.d/common.conf: closes gh-2650, avoid substitute of default values in related `lt_*` section, `__prefix_line` should be interpolated in definition section (after the config considers all sections that can overwrite it); 2020-03-05 13:47:11 +01:00
counter-strike.conf
courier-auth.conf
courier-smtp.conf filter.d/courier-smtp.conf: prefregex extended to consider port in log-message (closes gh-2697) 2020-04-21 13:32:17 +02:00
cyrus-imap.conf
directadmin.conf
domino-smtp.conf filter.d/domino-smtp.conf: 2018-09-21 14:14:00 +02:00
dovecot.conf filter.d/dovecot.conf: allow more verbose logging 2020-11-23 18:17:29 +01:00
dropbear.conf
drupal-auth.conf
ejabberd-auth.conf
exim-common.conf
exim-spam.conf
exim.conf
freeswitch.conf filter.d/freeswitch.conf: provide mode parameter, allows to avoid matching of messages like `auth challenge (REGISTER)` (see gh-2163) (currently `extra` as default to be backwards-compatible), see comments in filter how to set it to mode `normal`. 2018-08-03 11:42:15 +02:00
froxlor-auth.conf
gitlab.conf New Gitlab jail 2020-04-09 16:42:08 +02:00
grafana.conf no catch-alls, user name and error message stored in ticket 2020-11-09 15:36:30 +01:00
groupoffice.conf
gssftpd.conf
guacamole.conf Enhance Guacamole jail 2020-08-25 13:01:50 +02:00
haproxy-http-auth.conf
horde.conf
kerio.conf
lighttpd-auth.conf
mongodb-auth.conf
monit.conf filter.d/common.conf: closes gh-2650, avoid substitute of default values in related `lt_*` section, `__prefix_line` should be interpolated in definition section (after the config considers all sections that can overwrite it); 2020-03-05 13:47:11 +01:00
murmur.conf
mysqld-auth.conf filter.d/mysqld-auth.conf: capture user name in filter (can be more strict if user switched, used in action or fail2ban-regex output); 2020-01-22 17:24:40 +01:00
nagios.conf
named-refused.conf filter.d/named-refused.conf: fixes prefix for messages from systemd journal (no mandatory space ahead, because don't have timestamp) 2020-12-29 21:22:47 +01:00
nginx-botsearch.conf
nginx-http-auth.conf
nginx-limit-req.conf
nsd.conf
openhab.conf
openwebmail.conf
oracleims.conf
pam-generic.conf quick optimization: normalizes pam-generic prefregex (more similar to the same regex within sshd-filter) + datepattern anchored now; 2018-03-20 16:00:21 +01:00
perdition.conf
php-url-fopen.conf
phpmyadmin-syslog.conf typo 2020-11-23 18:08:38 +01:00
portsentry.conf
postfix.conf filter.d/postfix.conf: extended mode ddos and aggressive covering multiple disconnects without auth 2020-02-10 13:29:16 +01:00
proftpd.conf typo 2020-11-23 18:07:49 +01:00
pure-ftpd.conf
qmail.conf
recidive.conf
roundcube-auth.conf
screensharingd.conf
selinux-common.conf
selinux-ssh.conf
sendmail-auth.conf amend to 3f04cba9f92a1827d0cb3dcb51e57d9f60900b4a: sendmail-auth has 2 failregex now, so rewritten with prefregex 2020-08-27 18:07:42 +02:00
sendmail-reject.conf fixes gh-2787: allow to match `did not issue MAIL/EXPN/VRFY/ETRN during connection` non-anchored with extra mode (default names may deviate); 2020-08-27 17:04:19 +02:00
sieve.conf
slapd.conf
softethervpn.conf small tweaks (both 2nd time and facility are optional, avoid catch-all, etc) 2020-11-09 13:19:25 +01:00
sogo-auth.conf Merge branch 'master-0.9' into 0.10 2019-03-12 16:58:08 +01:00
solid-pop3d.conf
squid.conf
squirrelmail.conf
sshd.conf filter.d/sshd.conf: mode `ddos` (and `aggressive`) extended with new rule closing flood attack vector, matching: 2020-10-08 21:07:51 +02:00
stunnel.conf
suhosin.conf
tine20.conf
traefik-auth.conf filter.d/traefik-auth.conf: filter extended with parameter mode (`normal`, `ddos`, `aggressive`) to handle the match of username differently: 2020-04-23 13:08:24 +02:00
uwimap-auth.conf
vsftpd.conf
webmin-auth.conf
wuftpd.conf
xinetd-fail.conf
znc-adminlog.conf filter.d/znc-adminlog.conf: support logging format of systemd-journal, bypass port after address (optional, removed end-anchor, see gh-2520) 2019-09-10 21:02:26 +02:00
zoneminder.conf