fail2ban

PHP MySQL admin tools

Configuration to block IP addresses probing your web server for PHP-based database admin tools.

/etc/fail2ban/filter.d/phpmyadmin.conf:

# Fail2Ban configuration file
#
# Check Apache logs for attempts to access PHP admin tools
#

[Definition]

# Option: failregex
# Notes.: regex to match the 404'ed PMA file in the logfile. The
# host must be matched by a group named "host". The tag "" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P\S+)
# Values: TEXT

Technology:

fail2ban

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.

Installation
Download the source:

cd /extra/src
wget http://voxel.dl.sourceforge.net/project/fail2ban/fail2ban-stable/fail2ban-0.8.4/fail2ban-0.8.4.tar.bz2 
tar jxf fail2ban-0.8.4.tar.bz2
cd fail2ban-0.8.4

Run the installation script. fail2ban will be installed in /usr/share/fail2ban/ and /usr/bin/, configuration files will be in /etc/fail2ban:

./setup.py install

Automatic startup

Technology:

Subscribe to RSS - fail2ban

Recent Updates

  • 1 week 4 days ago
    Switching to http://qmail.jms1.net/dspam method.
  • 1 week 4 days ago
  • 1 week 4 days ago
    PHP 5.3 adjustments to configure switches.
  • 1 week 4 days ago
  • PHP
    1 week 4 days ago
    Update from PHP 5.3 to 5.5