fail2ban - apache-badbots apache-badsearch
- Os: Debian 8x
- Web: apache
Hi, trying to get these 2 working, but not having any joy!

/etc/fail2ban/jail.conf

Code:
[apache-badbots]
enabled = true
filter = apache-badbots
action = vesta[name=BADBOTS]
logpath = /var/log/apache2/domains/*.log
maxretry = 3

[apache-botsearch]
enabled = true
filter = apache-botsearch
action = vesta[name=BADSEARCH]
logpath = /var/log/apache2/domains/*.log
maxretry = 3

Working entry looks like this

Code:
[ssh-iptables]
enabled = true
filter = sshd
action = vesta[name=SSH]
logpath = /var/log/auth.log
maxretry = 3

Getting following errors in log

Code:
** ERRORS **
/usr/local/vesta/bin/v-add-firewall-chain BADBOTS -- stderr: b'': 1 Time(s)
/usr/local/vesta/bin/v-add-firewall-chain BADBOTS -- stdout: b'Usage: v-add-firewall-chain CHAIN PORT\n': 1 Time(s)
/usr/local/vesta/bin/v-add-firewall-chain BADSEARCH -- stderr: b'': 1 Time(s)
/usr/local/vesta/bin/v-add-firewall-chain BADSEARCH -- stdout: b'Usage: v-add-firewall-chain CHAIN PORT\n': 1 Time(s)
Failed to start jail 'apache-badbots' action 'vesta': Error starting action: 1 Time(s)
Failed to start jail 'apache-botsearch' action 'vesta': Error starting action: 1 Time(s)
1 error(s) returned from actions:
2018-10-26 12:31:42,679 fail2ban.action [1184]: ERROR /usr/local/vesta/bin/v-add-firewall-chain BADBOTS -- returned 1
2018-10-26 12:31:42,783 fail2ban.action [1184]: ERROR /usr/local/vesta/bin/v-add-firewall-chain BADSEARCH -- returned 1

No iptables created

Code:
iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-VESTA tcp -- anywhere anywhere tcp dpt:8083
fail2ban-FTP tcp -- anywhere anywhere tcp dpt:ftp
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
f2b-recidive all -- anywhere anywhere
f2b-sshd tcp -- anywhere anywhere multiport dports ssh
fail2ban-MAIL tcp -- anywhere anywhere multiport dports smtp,urd,submission,2525,pop3,pop3s,imap2,imaps

Any ideas what I am missing?
thanks
Re: fail2ban - apache-badbots apache-badsearch
OK, tried running command via console.

Code:
/usr/local/vesta/bin/v-add-firewall-chain BADBOTS -- stdout: b'Usage: v-add-firewall-chain CHAIN PORT\n'
iptables v1.6.0: unknown protocol "busage:" specified
Try `iptables -h' or 'iptables --help' for more information.
Re: fail2ban - apache-badbots apache-badsearch
you specified:

Code:
action = vesta[name=BADBOTS]

in file /usr/local/vesta/bin/v-add-firewall-chain

Code:
#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Checking known chains
case $chain in
    SSH)    # Get ssh port by reading ssh config file.
            sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2)
            if [ -z "$sshport" ]; then
                sshport=2552
            fi
            port=$sshport;
            protocol=TCP ;;
    FTP)    port=21; protocol=TCP ;;
    MAIL)   port='25,465,587,2525,110,995,143,993'; protocol=TCP ;;
    DNS)    port=53; protocol=UDP ;;
    WEB)    port='80,443'; protocol=TCP ;;
    DB)     port='3306,5432'; protocol=TCP ;;
    VESTA)  port=$vestaport; protocol=TCP ;;
    *)      check_args '2' "$#" 'CHAIN PORT' ;;
esac

Either add your name, or choose from the standard ones, for apache it’s suitable:

Code:
action = vesta[name=WEB]
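
The mismatch in this thread can be caught before fail2ban is restarted. The following is an added example, not part of the original posts or of Vesta's own code: a shell function that lists every jail whose `vesta[name=...]` chain is not one of the names in the `case` statement quoted above. The function names and the embedded sample config are constructed for illustration, and only single-line `action =` entries are assumed.

```shell
#!/bin/sh
# Chain names handled by the case statement quoted from v-add-firewall-chain.
# Any other name falls through to check_args and needs a PORT argument,
# which the vesta action in this thread does not pass.
KNOWN_CHAINS="SSH FTP MAIL DNS WEB DB VESTA"

# check_vesta_jails FILE
# Prints "jail<TAB>chain" for each jail using vesta[name=CHAIN] with a CHAIN
# outside KNOWN_CHAINS. Returns 1 if any such jail exists, 0 otherwise.
# Usage: check_vesta_jails /etc/fail2ban/jail.conf
check_vesta_jails() {
    awk -v known="$KNOWN_CHAINS" '
        BEGIN { n = split(known, k, " "); for (i = 1; i <= n; i++) ok[k[i]] = 1 }
        /^[ \t]*[#;]/ { next }                       # skip comment lines
        /^[ \t]*\[/ {                                # section header: [jail-name]
            jail = $0
            sub(/^[ \t]*\[/, "", jail); sub(/\].*$/, "", jail)
            next
        }
        /^[ \t]*action[ \t]*=/ && /vesta\[name=/ {   # action = vesta[name=CHAIN]
            chain = $0
            sub(/^.*vesta\[name=/, "", chain)
            sub(/\].*$/, "", chain); sub(/,.*$/, "", chain)
            if (!(chain in ok)) { printf "%s\t%s\n", jail, chain; bad = 1 }
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample input: the three jails from the first post, trimmed to
# the lines the check reads.
sample_jail_conf() {
    cat <<'EOF'
[apache-badbots]
enabled = true
action = vesta[name=BADBOTS]
[apache-botsearch]
enabled = true
action = vesta[name=BADSEARCH]
[ssh-iptables]
enabled = true
action = vesta[name=SSH]
EOF
}
```

On the sample, the two Apache jails are reported and the SSH jail is not; after switching both to `name=WEB` the function prints nothing and returns 0.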