That's a really short find time by default.
On 10 Aug 2018 20:47, Wayne Sallee <[email protected]> wrote:
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sed -i 's/^/#/' /etc/fail2ban/jail.local
cat >>/etc/fail2ban/jail.local<< "EOF"
[DEFAULT]
# Number of seconds.
bantime = 86400
findtime = 600
maxretry = 5
action = %(action_mwl)s
[sshd]
enabled = true
port = ssh
logpath = /var/log/auth.log
backend = %(sshd_backend)s
[apache-overflows]
enabled = true
port = http,https
logpath = /var/log/apache2/error.log
/var/log/apache2/error1.log
/var/log/apache2/error5.log
maxretry = 2
EOF
Something like that. :-)
Wayne Sallee
[email protected] <mailto:[email protected]>
http://www.WayneSallee.com
On 08/10/2018 03:15 PM, Tony Collins wrote:
It would be so helpful if we could see your config files :-)
Are you comfortable sharing them yet?
If you want to email privately, I'm happy to do that. I've shared my
config files here before.
Please do not worry about sharing stuff like that. We've all got f2b,
we all know how bad it can be to set it
up and to make nice .conf files.
We can set it all up perfectly with a bit of effort :-)
Tony
On Fri, 10 Aug 2018 at 20:11, Wayne Sallee <[email protected]
<mailto:[email protected]>> wrote:
Although the space does produce better results, so it's needed.
Wayne Sallee
[email protected] <mailto:[email protected]>
http://www.WayneSallee.com
On 08/10/2018 03:03 PM, Wayne Sallee wrote:
I already tried both methods, and even tried spaces after the
line.
Maybe I got a buggy version of Fail2Ban.
Wayne Sallee
[email protected] <mailto:[email protected]>
http://www.WayneSallee.com
On 08/10/2018 02:43 PM, Tony Collins wrote:
Thank you for the information.
Ok, I think you mentioned that the semi-colon doesn't work
either. But I'd like to check.
Can you tell me if this works:
[apache-overflows]
enabled = true
port = http,https
logpath =
/var/log/apache2/error.log;/var/log/apache2/error2.log
maxretry = 2
So, no spaces between the two file paths/names, just a ;
Also I think maybe you might need an extra space if you use the
"newline" method. I think I
forgot to say this!
Does this work:
[apache-overflows]
enabled = true
port = http,https
logpath = /var/log/apache2/error.log
/var/log/apache2/error2.log
maxretry = 2
Note that when I pressed enter at the end of the "logpath"
line, I then typed a space before I
typed "/var/log/apache2/error2.log
Please try both of those. Fail2ban is very "fussy" about
its configuration files. I have made so
many errors while writing configuration files. It is
painful!
Tony
On Fri, 10 Aug 2018 at 19:38, Wayne Sallee <[email protected]
<mailto:[email protected]>>
wrote:
For example this will error:
[apache-overflows]
enabled = true
port = http,https
logpath = /var/log/apache2/error.log
/var/log/apache2/error2.log
maxretry = 2
ERROR Failed during configuration: Source contains
parsing errors: '/etc/fail2ban/jail.local'
[line 883]: '/var/log/apache2/error2.log\n'
But this will not error:
[apache-overflows]
enabled = true
port = http,https
logpath = /var/log/apache2/error.log
maxretry = 2
And this will not error:
[apache-overflows]
enabled = true
port = http,https
logpath = /var/log/apache2/error2.log
maxretry = 2
/var/log/apache2/error2.log is a substitute name.
Wayne Sallee
[email protected] <mailto:[email protected]>
http://www.WayneSallee.com
On 08/10/2018 02:14 PM, Tony Collins wrote:
Maybe there is a small mistake somewhere in the
configuration?
Please paste the jail's configuration here - we will use
"fresh eyes" to see if we can
find the problem :-)
On Fri, 10 Aug 2018 at 19:05, Wayne Sallee
<[email protected]
<mailto:[email protected]>> wrote:
I figured that was it, but then wondered surely
he knows it's disabled. :-)
I thought spacing was working before, but it's not,
nether does ";" and nether does a
new line. So I just put the others on new
lines, and commented them out. That works
:-) sortof :-)
Wayne Sallee
[email protected]
<mailto:[email protected]>
http://www.WayneSallee.com
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the
world's most
engaging tech sites, Slashdot.org!
http://sdm.link/slashdot_______________________________________________
Fail2ban-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
--
-- Tony Collins
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's
most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
http://sdm.link/slashdot_______________________________________________
Fail2ban-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
--
-- Tony Collins
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
