From 6bbbca9bb98c8a3c37bfc8795048995c673b795a Mon Sep 17 00:00:00 2001 From: Thuban <thuban@yeuxdelibad.net> Date: Mon, 26 Feb 2018 16:38:51 +0000 Subject: [PATCH] example config file installed --- vilain.conf | 18 ++++++++++-------- Makefile | 4 ++++ 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index 92f620b..94258e0 100644 --- a/Makefile +++ b/Makefile @@ -21,6 +21,9 @@ @chmod 755 ${DESTDIR}${PREFIX}/bin/vilainreport @chmod 644 ${DESTDIR}${PREFIX}/sbin/vilain.py @chmod 644 ${DESTDIR}${PREFIX}/sbin/vilainreport.py + @echo installing sample config file + @cp -f vilain.conf /etc/vilain.conf + @chmod 644 /etc/vilain.conf @echo installing init script in /etc/rc.d @cp -f vilain.rc /etc/rc.d/vilain @chmod 755 /etc/rc.d/vilain @@ -38,5 +41,6 @@ @rm -f ${DESTDIR}${PREFIX}/sbin/vilainreport.py @echo removing manual page to ${DESTDIR}${MANPREFIX}/ @rm -f ${DESTDIR}${MANPREFIX}/vilain.1 + @echo Remove configuration file manually if you want, located at /etc/vilain.conf .PHONY: install uninstall diff --git a/vilain.conf b/vilain.conf index 907460e..c12a92e 100644 --- a/vilain.conf +++ b/vilain.conf @@ -17,8 +17,7 @@ ### Ip ignored ### [ignoreip] -ip1 = 92.150.160.157 -ip2 = 92.150.160.156 +ip1 = 127.0.0.1 ### Guardians #[name of the guardian] @@ -49,22 +48,25 @@ [smtp] logfile = /var/log/maillog regex = .* event=failed-command address=([\S]+) .* +maxtries = 2 [dovecot] logfile = /var/log/maillog regex = .*auth failed.*rip=([\S]+),.* +maxtries = 2 [wordpress] # don't use if you have wordpress logfile = /var/www/logs/access.log regex = (?:\S+\s){1}(\S+).*wp-login.php.* +maxtries = 1 # Nextcloud: login page # Nextcloud 12 brings protection against brute-force attacks # but 1/ not yet tested so far 2/ system protection is probably more efficient -[nextcloud] -logfile = /var/www/htdocs/datacloud/nextcloud.log -regex = .*Bruteforce attempt from \\"(.*)\\" detected +#[nextcloud] +#logfile = /var/www/htdocs/datacloud/nextcloud.log +#regex = .*Bruteforce attempt from \\"(.*)\\" detected # Nextcloud: public shares protected by password # regex is compliant with NginX log format: @@ -72,6 +74,6 @@ # log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; -[nextcloud-share] -logfile = /var/www/logs/access-nextcloud.log -regex = (\d+\.\d+\.\d+\.\d+) \-.*POST /s/\w+/authenticate HTTP/1.1\" 200 +#[nextcloud-share] +#logfile = /var/www/logs/access-nextcloud.log +#regex = (\d+\.\d+\.\d+\.\d+) \-.*POST /s/\w+/authenticate HTTP/1.1\" 200 -- Gitblit v1.9.3