Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen gezeigt.

--- lpi2:fail2ban [2014/02/27 01:02]
ingo_wichmann
+++ lpi2:fail2ban [2018/02/02 11:16] (aktuell)
ingo_wichmann [Apache Basic Auth]
@@ Zeile 1: / Zeile 1: @@
 Pakete:
-  * Debian (7): ''fail2ban''
+  * Debian (ab 7): ''fail2ban''
+Per default überwacht fail2ban bei debian ssh:
+  egrep -A7 '\[sshd?\]' /etc/fail2ban/jail.conf
+  less /etc/fail2ban/filter.d/sshd.conf
+<file txt /etc/fail2ban/jail.conf>
+…
+[DEFAULT]
+…
+banaction = iptables-multiport
+…
+</file>
+  less /etc/fail2ban/action.d/iptables-multiport.conf
+fail2ban Zusammenfassung der Konfiguration anzeigen:
+  fail2ban-client status
+  fail2ban-client status sshd
+====== Apache Basic Auth ======
+Pakete: apache2 fail2ban (Debian 9)
+  mkdir -p /srv/www/fail2ban
+  htpasswd -c /srv/www/htpasswd_fail2ban heinz
+<file txt /etc/apache2/conf-available/fail2ban-apache-auth-test.conf>
+<directory /srv/www/fail2ban>
+  AllowOverride AuthConfig
+  AuthType        Basic
+  AuthName        "Bitte Username und Passwort"
+  AuthBasicProvider file
+  AuthUserFile    /srv/www/htpasswd_fail2ban
+  Require         valid-user
+</directory>
+</file>
+<file html /srv/www/fail2ban/index.html>
+<html>
+  <head>
+    <title>Hello fail2ban!</title>
+  </head>
+  <body>
+    Hello fail2ban
+  </body>
+</html>
+</file>
+Zugriff lokal testen:
+  wget --user heinz --password xxx -nv -O - http://127.0.0.1/fail2ban-test/index.html
+<file txt /etc/fail2ban/jail.local>
+[apache-auth]
+enabled = true
+</file>
+  fail2ban-client reload
+  fail2ban-client status
+  fail2ban-client status apache-auth
+Von einem anderen Rechner aus:
+  ab -n 10 -A heinz:nono http://192.168.212.11/fail2ban-test/index.html
+  less /var/log/fail2ban.log

Linuxhotel Wiki

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Unterschiede

Seiten-Werkzeuge