From 7c496c045ad95c2426b9231565165c17dd538918 Mon Sep 17 00:00:00 2001 From: Thuban <thuban@yeuxdelibad.net> Date: Sat, 01 Dec 2018 09:24:25 +0000 Subject: [PATCH] merge --- vilain.conf | 14 ++++++++++++-- 1 files changed, 12 insertions(+), 2 deletions(-) diff --git a/vilain.conf b/vilain.conf index 907460e..ee687be 100644 --- a/vilain.conf +++ b/vilain.conf @@ -17,8 +17,7 @@ ### Ip ignored ### [ignoreip] -ip1 = 92.150.160.157 -ip2 = 92.150.160.156 +ip1 = 127.0.0.1 ### Guardians #[name of the guardian] @@ -33,6 +32,14 @@ [ssh2] logfile = /var/log/authlog regex = .* Connection closed by ([\S]+) .* + +[ssh3] +logfile = /var/log/authlog +regex = .* Invalid user \w+ ([\S]+) .* + +[ssh4] +logfile = /var/log/authlog +regex = .* Disconnected from authenticating user root ([\S]+) .* #[http404] #logfile = /var/www/logs/access.log @@ -49,15 +56,18 @@ [smtp] logfile = /var/log/maillog regex = .* event=failed-command address=([\S]+) .* +maxtries = 2 [dovecot] logfile = /var/log/maillog regex = .*auth failed.*rip=([\S]+),.* +maxtries = 2 [wordpress] # don't use if you have wordpress logfile = /var/www/logs/access.log regex = (?:\S+\s){1}(\S+).*wp-login.php.* +maxtries = 1 # Nextcloud: login page # Nextcloud 12 brings protection against brute-force attacks -- Gitblit v1.9.3