Commit 350c4d30 authored by nono's avatar nono 💻
Browse files

Merge branch 'master' of git.laquadrature.net:lqdn-interne/piops-roles/security-lqdn

parents 52986982 43d20a00
......@@ -263,7 +263,8 @@ action_abuseipdb = abuseipdb
# Choose default action. To change, just override value of 'action' with the
# interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local
# globally (section [DEFAULT]) or per specific section
action = %(action_mwl)s
action = %(action_)s
#
......@@ -304,7 +305,6 @@ logpath = %(auditd_log)s
#
[apache-auth]
enabled = true
port = http,https
logpath = %(apache_error_log)s
......@@ -312,7 +312,6 @@ logpath = %(apache_error_log)s
[apache-badbots]
# Ban hosts which agent identifies spammer robots crawling the web
# for email addresses. The mail outputs are buffered.
enabled = true
port = http,https
logpath = %(apache_access_log)s
bantime = 48h
......@@ -320,34 +319,29 @@ maxretry = 1
[apache-noscript]
enabled = true
port = http,https
logpath = %(apache_error_log)s
[apache-overflows]
enabled = true
port = http,https
logpath = %(apache_error_log)s
maxretry = 2
[apache-nohome]
enabled = true
port = http,https
logpath = %(apache_error_log)s
maxretry = 2
[apache-botsearch]
enabled = true
port = http,https
logpath = %(apache_error_log)s
maxretry = 2
[apache-fakegooglebot]
enabled = true
port = http,https
logpath = %(apache_access_log)s
maxretry = 1
......@@ -355,14 +349,12 @@ ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip>
[apache-modsecurity]
enabled = true
port = http,https
logpath = %(apache_error_log)s
maxretry = 2
[apache-shellshock]
enabled = true
port = http,https
logpath = %(apache_error_log)s
maxretry = 1
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment