install, configure, and manage fail2ban
- Minimum Ansible version:
2.5
fail2ban_configure: truename: before: [] after: [] failregex: [] ignoreregex: []
fail2ban_filters: {}nginx-custom:
init:
block: >-
\/?(<webmail>|<phpmyadmin>|<wordpress>|<php>|<misc>)[^,]*
misc: >-
(cgi-bin|mysqladmin|admin|aws|credentials|\.aws)
php: >-
(phpinfo|test\.php|vendor|laravel|\?XDEBUG_SESSION_START)
phpmyadmin: >-
(typo3/|xampp/|admin/|)(pma|(php)?[Mm]y[Aa]dmin)
webmail: >-
roundcube|(ext)?mail|horde|(v-?)?webmail
wordpress: >-
wp-(login|signup|admin)\.php
failregex:
- >-
\"<HOST>\" \"(\w+|-)\" \"https?\:\/\/.+\" .+ (301|4\d\d)$
- >-
\"<HOST>\" \"(\w+|-)\" \"https?\:\/\/[\w\d\.]+<block>\"
- >-
\[error\] \d+#\d+: \*\d+ (\S+ )?\"\S+\" (failed|is not found) \(2\: No such file or directory\), client\: <HOST>\, server\: \S*\, request: \"(GET|POST|HEAD).*\"
ignoreregex: []fail2ban_install: trueJail rules in the form of name: {key: value, ...}
fail2ban_jails: {}nginx-custom:
enabled: "true"
filter: "nginx-custom"
bantime: "72h"
findtime: "180m"
maxretry: 3fail2ban_package_state: presentfail2ban_packages: [fail2ban]fail2ban_service: truefail2ban_service_enabled: truefail2ban_service_name: fail2banfail2ban_service_state: startedfail2ban
fail2ban-configure
fail2ban-install
fail2ban-service
None.
MIT
cornfeedhobo