fail2ban

PHP MySQL admin tools

Posted in

fail2ban

Configuration to block IP addresses probing your web server for PHP-based database admin tools.

/etc/fail2ban/filter.d/phpmyadmin.conf:


# Fail2Ban configuration file

#

# Check Apache logs for attempts to access PHP admin tools

#
[Definition]

# Option: failregex # Notes.: regex to match the 404'ed PMA file in the logfile. The # host must be matched by a group named "host". The tag "" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?P\S+) # Values: TEXT

fail2ban

Posted in

fail2ban

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.

Installation
Download the source:

cd /extra/src
wget http://voxel.dl.sourceforge.net/project/fail2ban/fail2ban-stable/fail2ban-0.8.4/fail2ban-0.8.4.tar.bz2  
tar jxf fail2ban-0.8.4.tar.bz2
cd fail2ban-0.8.4

Run the installation script. fail2ban will be installed in /usr/share/fail2ban/ and /usr/bin/, configuration files will be in /etc/fail2ban:

./setup.py install

Automatic startup

Navigation

User login

Recent Updates

Performance

1 week 4 days ago
nginx

2 weeks 12 hours ago
Realtime Blackhole Lists

2 weeks 4 days ago
Queue Utilities

2 weeks 6 days ago
Authentication

3 weeks 5 days ago