68 lines
925 B
Markdown
68 lines
925 B
Markdown
|
---
|
||
|
title: "Fail2ban"
|
||
|
weight: 1
|
||
|
# bookFlatSection: false
|
||
|
# bookToc: true
|
||
|
# bookHidden: false
|
||
|
# bookCollapseSection: false
|
||
|
# bookComments: false
|
||
|
# bookSearchExclude: false
|
||
|
---
|
||
|
|
||
|
# Fail2ban
|
||
|
|
||
|
## Installation
|
||
|
Installer le paquet `fail2ban`.
|
||
|
|
||
|
## Configuration
|
||
|
```ini
|
||
|
[DEFAULT]
|
||
|
bantime = 1h
|
||
|
bantime.increment = true
|
||
|
|
||
|
ignoreip = 127.0.0.1/8 ::1
|
||
|
|
||
|
banaction = ufw[comment="fail2ban"]
|
||
|
banaction_allports = ufw[type=allports,comment="fail2ban"]
|
||
|
|
||
|
destemail = ...
|
||
|
sender = ...
|
||
|
|
||
|
action = %(action_mwl)s
|
||
|
```
|
||
|
|
||
|
### Services
|
||
|
```ini
|
||
|
[sshd]
|
||
|
enabled = true
|
||
|
mode = aggressive
|
||
|
|
||
|
[postfix]
|
||
|
enabled = true
|
||
|
mode = aggressive
|
||
|
|
||
|
[dovecot]
|
||
|
enabled = true
|
||
|
mode = aggressive
|
||
|
|
||
|
[bitwarden]
|
||
|
enabled = true
|
||
|
logpath = /var/log/vaultwarden.log
|
||
|
|
||
|
[nginx-http-auth]
|
||
|
enabled = true
|
||
|
|
||
|
[nginx-botsearch]
|
||
|
enabled = true
|
||
|
|
||
|
[sieve]
|
||
|
enabled = true
|
||
|
|
||
|
[nextcloud]
|
||
|
enabled = true
|
||
|
logpath = /var/log/nextcloud/nextcloud.log
|
||
|
```
|
||
|
|
||
|
## Démarrage
|
||
|
Activer le service `fail2ban.service`.
|