"François Patte" <francois.pa...@mi.parisdescartes.fr> wrote: >Bonjour, > >I try to configure fail2ban in order to ban IP which try to connect to >directories protected by .htaccess. > >Here is my [apache] section in jail.conf: > >enabled = true >port = http,https >filter = apache-auth >logpath = /var/log/apache*/*error.log >maxretry = 3 > >But I tested filling the auth form with erroneous login/password and >nothing happens! Nothing appeared in /var/log/fail2ban.log... >
Show filter.d/apache-auth and show the output of a: tail -F /var/log/apache*/*error.log while you make the bad requests (you might need to do a $(find ...) to handle those wildcards - I'm also unsure if f2b deals with apache*). Also, if you've logged an invalid request, do yourself a favor and create a test directory with different files of different failure lines and run fail2ban-regex against them. Then, when you alter a regex, you can easily see if something you didn't want changed. >I tried the same for ssh connections and the IP of the computer from >which I tried was banned after the third attempt. > >What is missing in my config? > > >Here is the ssh section in jail.conf: > >enabled = true >port = ssh >filter = sshd >logpath = /var/log/auth.log >maxretry = 6 > > > >Thanks -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cf358a0c-2eb9-4205-9c7b-a135e5c4c...@email.android.com
