github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Updated Best practice (markdown)

master
Sergey G. Brester 2019-08-23 09:44:28 +02:00
parent 0ad71272cc
commit 2746607d87
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Best-practice.md

@ -7,7 +7,7 @@ Here are the advises and common smart practices in order to drive Fail2ban opera
* If log-file or journal show several different types of messages or some pre-filtering may be advantageous, use common `prefregex` (and short and efficient as possible);
* Reorganize the regex-order by occurrence in log (frequently as first). This is valid for all regex too.
* Try to reduce count of log-messages (especially unneeded or unrelated information, which is called "parasitic" further) in observing log-file or journal. See section [Reduce parasitic log-traffic](#reduce-parasitic-log-traffic) below.
* Use incremental bantime (since v.0.11) as well as other Fail2Ban new features might help you to minimize intrusions count resp. to reduce attacks in the long perspective.
* Use incremental bantime (since v.0.11) as well as other Fail2Ban new features might help you to minimize intrusions attempt count resp. to reduce attacks in the long perspective.
* Under DDOS-attack similar circumstances use other tools and make special arrangements too, may be in combination with Fail2Ban and/or information it could provide you. Please note, Fail2Ban is just a tool and it depends on what you make out of it.
### Reduce parasitic log-traffic