fail2ban/config/filter.d
Edward Beckett 835b3ff483 Update apache-badbots.conf
Useragent strings including `+http` need to be escaped to be valid.
2015-09-05 00:12:28 -04:00
..
ignorecommands NF: apache-fakegooglebot ignorecommand + DNSUtils.ipToName 2015-02-02 12:19:20 -05:00
3proxy.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
apache-auth.conf Add apache filter for AH01630 client denied by server configuration 2014-09-14 21:54:05 +01:00
apache-badbots.conf Update apache-badbots.conf 2015-09-05 00:12:28 -04:00
apache-botsearch.conf Include consistency 2015-02-03 15:54:05 +01:00
apache-common.conf MRG: from master again 2014-01-01 2014-01-01 19:28:38 +11:00
apache-fakegooglebot.conf New jail: apache-fakegooglebot 2015-02-02 00:42:01 -05:00
apache-modsecurity.conf ENH: apache modsecurity from 0.9 branch 2013-12-29 07:06:13 +00:00
apache-nohome.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
apache-noscript.conf DOC: fix comment regarding apache version in apache-noscript 2014-01-10 08:35:37 +11:00
apache-overflows.conf BF: apache filters using error log weren't matched when referer existed in HTTP header 2013-11-19 10:27:55 +11:00
apache-pass.conf Added pass2allow (knocking with fail2ban) 2015-07-10 16:22:43 +02:00
apache-shellshock.conf adding filter to detect Shellshock attack attempts against bash scripts through apache. See http://seclists.org/oss-sec/2014/q3/650 2014-09-26 16:25:07 +01:00
assp.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
asterisk.conf Asterisk security log: add support for websocket protocol events 2015-05-25 08:13:30 +03:00
botsearch-common.conf Created botsearch-common.conf 2015-02-03 04:25:47 +01:00
common.conf Add filter variable __pam_auth to allow easier changing of pam auth backend 2015-01-27 14:34:27 -07:00
counter-strike.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
courier-auth.conf MRG: 0.8.11 to 0.9 2013-11-02 15:59:05 +11:00
courier-smtp.conf Update courier-smtp.conf 2014-07-28 12:51:38 +02:00
cyrus-imap.conf ENH: cyrus-imap -- catch also 'user not found' attempts 2014-07-25 10:13:04 -04:00
directadmin.conf Added Directadmin filter, jail and log test 2014-07-02 13:52:06 +02:00
dovecot.conf Match unknown user in dovecot's passwd-file auth database 2015-04-30 16:53:10 +08:00
dropbear.conf ENH: DoS resistant dropbear filter 2013-11-12 18:06:16 +11:00
drupal-auth.conf Add drupal-auth filter and jail 2015-04-27 13:10:27 -04:00
ejabberd-auth.conf MRG: complete merge 2014-01-12 21:16:55 +11:00
exim-common.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
exim-spam.conf MRG: from 0.9 2014-01-07 16:11:40 +11:00
exim.conf exim filter: correct failregex for exim with extended log options 2014-12-04 13:34:44 +03:00
freeswitch.conf DOC: bit more on how to use freeswitch 2014-01-04 12:39:48 +11:00
froxlor-auth.conf add froxlor-auth filter and jail 2015-05-25 13:44:50 +02:00
groupoffice.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
gssftpd.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
guacamole.conf
horde.conf MRG: horde filter from master 2014-01-03 10:34:59 +11:00
kerio.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
lighttpd-auth.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
monit.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
mysqld-auth.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
nagios.conf removing the second failregex 2014-02-06 00:22:05 +01:00
named-refused.conf Add ignoreregex to avoid warning on start 2014-11-12 10:30:28 +01:00
nginx-botsearch.conf Add HEAD method verb to apache-badbots, nginx-badbots 2015-07-07 17:45:40 +02:00
nginx-http-auth.conf ENH: adding pruned with previous merge trailing \s* in nginx filter 2014-04-03 21:31:46 -04:00
nsd.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
openwebmail.conf ENH: stronger regex for failregex 2013-12-31 08:22:52 +11:00
oracleims.conf ENH: make oracleims failregex better anchored (more explicit) 2014-06-10 03:52:16 -04:00
pam-generic.conf Add filter variable __pam_auth to allow easier changing of pam auth backend 2015-01-27 14:34:27 -07:00
perdition.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
php-url-fopen.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
portsentry.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
postfix-rbl.conf loosen up regex for spamhaus (spamcop says "Blocked" as part of url) 2014-12-30 19:14:39 -05:00
postfix-sasl.conf [postfix-sasl] update regexes 2015-02-03 11:30:16 -07:00
postfix.conf Add 'Client host rejected error message' regex 2014-12-30 18:05:19 -05:00
proftpd.conf Update proftpd.conf 2015-04-08 15:57:39 +02:00
pure-ftpd.conf Credits and notes from #806 2014-09-08 19:02:37 +10:00
qmail.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
recidive.conf Add ignoreregex to avoid warning on start 2014-11-12 11:05:56 +01:00
roundcube-auth.conf Add optional session id prefix for roundcube 1.1.1 2015-07-04 11:06:51 -04:00
selinux-common.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
selinux-ssh.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
sendmail-auth.conf ENH: add filter for sendmail-{auth,spam}. Closes gh-20 2014-02-26 19:16:49 +11:00
sendmail-reject.conf MRG: merge filter sendmail-spam into sendmail-reject 2014-03-02 16:28:23 +11:00
sieve.conf Fix sieve filter to use correct option 2014-07-28 23:42:02 +09:00
sogo-auth.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
solid-pop3d.conf Fix a few typos 2014-03-24 13:16:52 +00:00
squid.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
squirrelmail.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
sshd-ddos.conf MRG: 0.8.11 to 0.9 2013-11-02 15:59:05 +11:00
sshd.conf added \s after host 2015-04-17 10:22:01 +02:00
stunnel.conf ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934) 2015-01-30 10:38:28 -05:00
suhosin.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
tine20.conf ENH: tighten regex and change failJSON to support timezone. Closes gh-583 2014-01-22 22:16:03 +11:00
uwimap-auth.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00
vsftpd.conf Add filter variable __pam_auth to allow easier changing of pam auth backend 2015-01-27 14:34:27 -07:00
webmin-auth.conf BF: remove duplication definition secion in webmin-auth 2013-11-04 17:54:36 +11:00
wuftpd.conf Add filter variable __pam_auth to allow easier changing of pam auth backend 2015-01-27 14:34:27 -07:00
xinetd-fail.conf DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-31 00:02:59 +11:00