Merge master. #2
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If you have configured nginx to forbid some paths in your webserver, e.g.:
location ~ /\. {
deny all;
}
if a client tries to access https://yoursite/.user.ini then you will see
in nginx error log:
2018/09/14 19:03:05 [error] 2035#2035: *9134 access forbidden by rule, client: 10.20.30.40, server: www.example.net, request: "GET /.user.ini HTTP/1.1", host: "www.example.net", referrer: "https://www.example.net"
By carefully setting this filter we ban every IP that tries too many times to
access forbidden resources.
Author: Michele Bologna https://www.michelebologna.net/
Please add this entry for virtual python interpreter. This directory name is needed in the PyCharm environment.
.gitignore: ignore `.venv/`
Add filter to detect failed login attempts in the log produced by MikroTik RouterOS. - Add the filter to jail.conf - Add testcase for the filter Signed-off-by: Vít Kabele <[email protected]>
Change unban to find by ip address not comment
… (if some name may be equal to prefix of other name)
action.d/cloudflare-token.conf: url-encode args by unban closes 'fail2bangh-3479'
Feat: ban nginx forbidden accesses
Add action for mikrotik routerOS
…hes unrecognized commands new vector
…ocal libraries if import would miss them); closes fail2bangh-3487
…nd their successful import
….12 into f2b (fallback to local libraries if import would miss them); closes fail2bangh-3487
…AUTH' together with message 'disconnect ...'); closes fail2bangh-3505
…. g. using together with `head`); amend to fail2bangh-2758 (see fail2bangh-3653)
…seems not to have rDNS anymore)
…e as it doesn't add any value.
self.host cannot be supplied to SMTP because it can contain port (but `connect` takes place few lines below)
…es host/port in addition to connect() due to bug with starttls.
…pClass/tearDownClass (behaves like a singleton, doesn't start smtp server per test); don't generate cert every time (too slow by RSA:2048, use short ECC:256 instead); drastically speedup all smtp-action tests
`action.d/smtp.py` - add support for TLS SMTP connections.
…e it'd prefer jail to the filter now), fallback: - fail2ban-regex ... sshd + fail2ban-regex ... filter.d/sshd closes fail2bangh-2655
… of jail settings in fail2ban-regex; closes fail2bangh-2655
Merge master.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.