Would like to include the logpaths on a host with multiple websites, ..
An include file can be added in the filter definition, .. but logpath is
required in the jail definitition, and it appears that an include is only
allowed in teh filter.
How can one include the logpaths?
TIA!!
On Wed, 8 Feb 2023, Marcos A.T. Silva wrote:
> 2023-02-08 14:31:39,279 fail2ban [1495]: ERROR Failed during
> >configuration: Have not found any log file for selinux-ssh jail
>
The error message indicates you are trying to start the selinux-ssh jail,
but there is no log file as specified.
Solutio
On Wed, 8 Feb 2023, Marcos A.T. Silva wrote:
> Hi,
>
> Thanks for your answer.
>
> So, just putting a "enabled = false" below the line of that jail?
>
Simpler and cleaner to use individual jaim files jail.d and just rename
the file to __.conf.bu
Lee
_
On Thu, 9 Feb 2023, Marcos A.T. Silva wrote:
> Hi again,
>
> I think I understood. Thank you very much.
>
> Well, doing that (I??ve only changed tne jail.local because I don't
> understood very well that jail.d part) the error regarding Selinux
> disappeared. But now a new error is being displayed
On Thu, 9 Feb 2023, Marcos A.T. Silva wrote:
> What's the default "mode"? Every jail in my jail.local does not have a
> "enabled" line (as for example `enabled = true`). So, I am assuming that
> this way all of them are enabled by default, right?
>
That's why you need to move them into .conf files
On Thu, 9 Feb 2023, Mauricio Tavares wrote:
> My suggestion is to find which services you are using and then
> where they are writing their logs to. Take a look at jail.conf (I
> forgot to mention that file). Chances are there are entries for most
> of the services there. Case in point, the
On Thu, 9 Feb 2023, Marcos A.T. Silva wrote:
> I think the above is overriding jail.conf. As the jail.conf file does not
> have a line `enabled` (with true or false values) for any of the jails, I
> also suppose anyway that jail.local is overriding that. Is this right?
>
Prevent confusion and move
On Wed, 14 Aug 2024, Harold Hallikainen via Fail2ban-users wrote:
> THANKS! I could not find that in any of the documentation (but I may have
> missed it). My server is getting swamped causing a whole lot of php-fpm to
> run.
>
Harold,
Don't forget the old standby:
iptables -I INPUT -s -j DROP
