Es ist ja genau der Code der in der Wiki steht denke mal das die Wiki in dem Bereich noch nicht up2date ist gerade weil der nginx als frontend läuft.
Posts by mzips
-
-
so:
# Fail2Ban configuration file.
#
# This file was composed for Debian systems from the original one
# provided now under /usr/share/doc/fail2ban/examples/jail.conf
# for additional examples.
#
# Author: Yaroslav O. Halchenko <[email protected]>
#
# $Revision$
#
# The DEFAULT allows a global definition of the options. They can be overridden
# in each jail afterwards.
[DEFAULT]
# "ignoreip" can be an IP address, a CIDR mask or a DNS host
ignoreip = 127.0.0.1/8
findtime = 600
bantime = 600
maxretry = 3
# "backend" specifies the backend used to get files modification. Available
# options are "gamin", "polling" and "auto".
# yoh: For some reason Debian shipped python-gamin didn't work as expected
# This issue left ToDo, so polling is default backend for now
backend = auto
#
# Destination email address used solely for the interpolations in
# jail.{conf,local} configuration files.
destemail = root@localhost
#
# ACTIONS
#
# Default banning action (e.g. iptables, iptables-new,
# iptables-multiport, shorewall, etc) It is used to define
# action_* variables. Can be overridden globally or per
# section within jail.local file
banaction = iptables-multiport
# email action. Since 0.8.1 upstream fail2ban uses sendmail
# MTA for the mailing. Change mta configuration parameter to mail
# if you want to revert to conventional 'mail'.
mta = sendmail
# Default protocol
protocol = tcp
# Specify chain where jumps would need to be added in iptables-* actions
chain = INPUT
#
# Action shortcuts. To be used to define action parameter
# The simplest action to take: ban only
action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
# ban & send an e-mail with whois report to the destemail.
action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
# ban & send an e-mail with whois report and relevant log lines
# to the destemail.
action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]
# Choose default action. To change, just override value of 'action' with the
# interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local
# globally (section [DEFAULT]) or per specific section
action = %(action_)s
#
# JAILS
#
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 6
[ssh-ddos]
enabled = true
port = ssh
filter = sshd-ddos
logpath = /var/log/auth.log
maxretry = 6
#
# HTTP servers i-MSCP customer sites
#
[apache]
enabled = true
port = http,https
filter = apache-auth
logpath = /var/log/apache2/*/error.log
maxretry = 6
# default action is now multiport, so apache-multiport jail was left
# for compatibility with previous (<0.7.6-2) releases
[apache-multiport]
enabled = true
port = http,https
filter = apache-auth
logpath = /var/log/apache2/*/error.log
maxretry = 6
[apache-noscript]
enabled = true
port = http,https
filter = apache-noscript
logpath = /var/log/apache2/*/error.log
maxretry = 6
[apache-overflows]
enabled = true
port = http,https
filter = apache-overflows
logpath = /var/log/apache2/*/error.log
maxretry = 2#
# HTTP servers i-MSCP Control Panel
#
[imscp]
enabled = true
port = http,https
filter = nginx-auth
logpath = /var/log/nginx/*error.log
maxretry = 6
# default action is now multiport, so apache-multiport jail was left
# for compatibility with previous (<0.7.6-2) releases
[imscp-multiport]
enabled = true
port = http,https
filter = nginx-auth
logpath = /var/log/nginx/*error.log
maxretry = 6
[imscp-noscript]
enabled = true
port = http,https
filter = nginx-noscript
logpath = /var/log/nginx/*error.log
maxretry = 6
[imscp-overflows]
enabled = true
port = http,https
filter = nginx-overflows
logpath = /var/log/nginx/*error.log
maxretry = 2#
# FTP servers
#
[proftpd]
enabled = true
port = ftp,ftp-data,ftps,ftps-data
filter = proftpd
logpath = /var/log/auth.log
maxretry = 6#
# Mail servers
#
#
# Mail servers authenticators: might be used for smtp,pop3,imap servers, so
# all relevant ports get banned
#
[dovecot]
enabled = true
port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
filter = dovecot
logpath = /var/log/mail.log
maxretry = 8#
# Webmail
#
#
# Webmail authenticators: Don't forget to comment the unused webmailers out
#
[roundcube]
enabled = true
port = http,https
filter = roundcube
logpath = /var/www/imscp/gui/public/tools/webmail/logs/errors
maxretry = 6
[rainloop]
enabled = true
port = http,https
filter = rainloop
logpath = /var/log/nginx/*access.log
maxretry = 6 -
Hallo und Guten Tag!
Habe das gefühl das Fail2ban nicht funktioniert, habe eine Clean Install und Fail2ban laut Wiki Installiert.
Hier mal paar auszüge:
auth.log
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: commit transaction
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin Parse the username diablo
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin try and connect to a host
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin trying to open db 'imscp' on host '127.0.0.1:3306'
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin Parse the username diablo
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin try and connect to a host
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin trying to open db 'imscp' on host '127.0.0.1:3306'
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: begin transaction
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin create statement from userPassword diablo sv01.domain.de
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin doing query SELECT mail_pass FROM mail_users WHERE mail_addr$
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin: no result found
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin create statement from cmusaslsecretPLAIN diablo sv01.domain.de
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin doing query SELECT mail_pass FROM mail_users WHERE mail_addr$
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin: no result found
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: commit transaction
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin Parse the username diablo
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin try and connect to a host
Jul 12 06:33:48 sv01 postfix/smtpd[16112]: sql plugin trying to open db 'imscp' on host '127.0.0.1:3306'
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql auxprop plugin using mysql engine
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin Parse the username diamond
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin try and connect to a host
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin trying to open db 'imscp' on host '127.0.0.1:3306'
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: begin transaction
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin create statement from userPassword diamond sv01.domain.de
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin doing query SELECT mail_pass FROM mail_users WHERE mail_addr$
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin: no result found
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: commit transaction
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin Parse the username diamond
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin try and connect to a host
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin trying to open db 'imscp' on host '127.0.0.1:3306'
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin Parse the username diamond
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin try and connect to a host
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin trying to open db 'imscp' on host '127.0.0.1:3306'
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: begin transaction
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin create statement from userPassword diamond sv01.domain.de
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin doing query SELECT mail_pass FROM mail_users WHERE mail_addr$
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin: no result found
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin create statement from cmusaslsecretPLAIN diamond sv01.mzips.$
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin doing query SELECT mail_pass FROM mail_users WHERE mail_addr$
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin: no result found
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: commit transaction
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin Parse the username diamond
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin try and connect to a host
Jul 12 06:57:07 sv01 postfix/smtpd[16573]: sql plugin trying to open db 'imscp' on host '127.0.0.1:3306'
Jul 12 07:20:16 sv01 postfix/smtpd[17211]: sql auxprop plugin using mysql engine
Jul 12 07:20:16 sv01 postfix/smtpd[17211]: sql plugin Parse the username doctor
Jul 12 07:20:16 sv01 postfix/smtpd[17211]: sql plugin try and connect to a host
Jul 12 07:20:16 sv01 postfix/smtpd[17211]: sql plugin trying to open db 'imscp' on host '127.0.0.1:3306'
Jul 12 07:20:16 sv01 postfix/smtpd[17211]: begin transactionfail2ban.log
2015-07-11 21:41:29,474 fail2ban.server [19711]: INFO Changed logging target to /var/log/fail2ban.log for Fail2$
2015-07-11 21:41:29,475 fail2ban.jail [19711]: INFO Creating new jail 'ssh'
2015-07-11 21:41:29,524 fail2ban.jail [19711]: INFO Jail 'ssh' uses pyinotify
2015-07-11 21:41:29,560 fail2ban.jail [19711]: INFO Initiated 'pyinotify' backend
2015-07-11 21:41:29,562 fail2ban.filter [19711]: INFO Added logfile = /var/log/auth.log
2015-07-11 21:41:29,564 fail2ban.filter [19711]: INFO Set maxRetry = 6
2015-07-11 21:41:29,566 fail2ban.filter [19711]: INFO Set findtime = 600
2015-07-11 21:41:29,567 fail2ban.actions[19711]: INFO Set banTime = 600
2015-07-11 21:41:29,645 fail2ban.jail [19711]: INFO Jail 'ssh' started
2015-07-11 21:42:33,464 fail2ban.server [19711]: INFO Stopping all jails
2015-07-11 21:42:33,772 fail2ban.jail [19711]: INFO Jail 'ssh' stopped
2015-07-11 21:42:33,774 fail2ban.server [19711]: INFO Exiting Fail2banservice fail2ban Status
Jul 11 21:42:59 sv01 fail2ban[19806]: ERROR Found no accessible config files for 'filter.d/nginx-noscript'...l2ban
Jul 11 21:42:59 sv01 fail2ban[19806]: ERROR Unable to read the filter
Jul 11 21:42:59 sv01 fail2ban[19806]: ERROR Errors in jail 'imscp-noscript'. Skipping...
Jul 11 21:42:59 sv01 fail2ban[19806]: ERROR Found no accessible config files for 'filter.d/nginx-overflows...l2ban
Jul 11 21:42:59 sv01 fail2ban[19806]: ERROR Unable to read the filter
Jul 11 21:42:59 sv01 fail2ban[19806]: ERROR Errors in jail 'imscp-overflows'. Skipping...
Jul 11 21:42:59 sv01 fail2ban[19806]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
Jul 11 21:42:59 sv01 fail2ban[19806]: ERROR No file(s) found for glob /var/log/apache2/*/error.log
Jul 11 21:42:59 sv01 fail2ban[19806]: ERROR Failed during configuration: Have not found any log file for a... jail
Jul 11 21:42:59 sv01 fail2ban[19806]: failed!
Hint: Some lines were ellipsized, use -l to show in full.Sehe ich das nun richtig das fail2ban nicht wirklich läuft ? wäre dankbar über hilfe bzw Informationen.
LG
-
The plugins in store
-
Wie der Titel schon sagt: was denkt ihr ist ein must have von Plugins ? für Debian 8.1
LG
-
Hallo und Guten Abend !
Hat Jemand Piwik schon in der 1.2.9 am laufen wenn ja wie ist er da vorgegangen in der Wiki ist glaube ich noch alles über Apache oder ? wie sieht es da mit Nginx aus da es ja über das Frontend läuft?!
Kleine Anleitung wäre super.
LG
-
I have found the Problem because on Install Wiki he must Change it like this:
echo 'host.domain.tld' > /etc/hostname
hostname -F /etc/hostnamewhen i have it so set i have become the Error
Know when I Change it like this:
nano /etc/Hosts
127.0.0.1 localhost.localdomain localhost
192.168.1.100 host.domain.tld hostnano /etc/hostname
host
reboot Server
Thene Check
hostname
hostname -fAnd whit this I have no Errors
When Admin say it is so ok I was Happy to Change it in this Wiki.
Sry for my Bad English I hope you understand me.
Greetz
-
It is an Root Server not VM
-
I Have an Clean min Debian 8.1 System.
I Have Change the Hostname Like this:
echo 'sv01.domain.de' > /etc/hostname
hostname -F /etc/hostnameThen I have Install the i-MSCP
I have set in Install FQDN sv01.domain.deOn End i become an error:
[ERROR] main::setupAskServerHostname: Unable to find server hostname (server misconfigured?): hostname: Name or service not known
Who is that Problem?
Greetz
-
Hallo und Guten Tag,
Kleine Frage hätte ich da, gehe ich den Installer durch und komme zu dem Punkt der Frage zu den User und Passwörter der Anwendungen ist es ja leider nicht möglich die Passwörter zu Pasten, jetzt stelle ich mir die Frage ist es sinnvoll autogenerate zu machen wenn ja ist es zwecks notwendig die vorgegebenen Passwörter aufzuschreiben ? oder gibt es die Möglichkeit sie im späteren Zeitpunkt zu ändern und oder rauszusuchen ? oder gibt es eine Möglichkeit vor Ausführung des Installer sie in einer Config einzutragen ? es ist echt mühsam sichere Passwörter immer per Hand einzugeben
Vielen Dank im Voraus
Greetz