mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-28 10:30:28 +00:00
Add systemD/journalD sftpgo Fail2ban configuration
This commit is contained in:
parent
c7e55db4e0
commit
8e0ca88421
3 changed files with 28 additions and 1 deletions
|
@ -513,7 +513,9 @@ The logs can be divided into the following categories:
|
||||||
- `login_type` string. Can be `public_key`, `password` or `no_auth_tryed`
|
- `login_type` string. Can be `public_key`, `password` or `no_auth_tryed`
|
||||||
- `error` string. Optional error description
|
- `error` string. Optional error description
|
||||||
|
|
||||||
The **connection failed logs** can be used for better integration in tools such as [Fail2ban](http://www.fail2ban.org/)
|
### Brute force protection
|
||||||
|
|
||||||
|
The **connection failed logs** can be used for better integration in tools such as [Fail2ban](http://www.fail2ban.org/). Example of [jails](./fail2ban/jails) and [filters](./fail2ban/filters) working with systemD/journalD are available in fail2ban directory.
|
||||||
|
|
||||||
## Acknowledgements
|
## Acknowledgements
|
||||||
|
|
||||||
|
|
15
fail2ban/filters/sftpgo.conf
Normal file
15
fail2ban/filters/sftpgo.conf
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
[INCLUDES]
|
||||||
|
before = common.conf
|
||||||
|
|
||||||
|
[DEFAULT]
|
||||||
|
_daemon = sftpgo
|
||||||
|
|
||||||
|
[Definition]
|
||||||
|
|
||||||
|
# By default, first authenticate method is public_key and must be excluded from the filter to avoid false positives failed attemps
|
||||||
|
failregex = ^.*"sender":"connection_failed","client_ip":"<HOST>","username":".*","login_type":"password".*"}$
|
||||||
|
|
||||||
|
ignoreregex =
|
||||||
|
|
||||||
|
[Init]
|
||||||
|
journalmatch = _SYSTEMD_UNIT=sftpgo.service + _COMM=sftpgo
|
10
fail2ban/jails/sftpgo.conf
Normal file
10
fail2ban/jails/sftpgo.conf
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
[sftpgo]
|
||||||
|
enabled = true
|
||||||
|
port = 2022
|
||||||
|
filter = sftpgo
|
||||||
|
action = iptables-allports[name=sftpgo]
|
||||||
|
logpath =
|
||||||
|
backend = systemd
|
||||||
|
maxretry = 5
|
||||||
|
bantime = 600
|
||||||
|
findtime = 86400
|
Loading…
Reference in a new issue