fail2ban filters – custom rules using regexp

fail2Ban is a very handy tool to prevent a lot of unwanted traffic from consuming bandwidth on your servers. It’s a minimal and relatively simple IDS Type Tool that comes with some predefined filters to automatically lockout potentially dangerous or bandwidth-consuming type attacks. 1. creating a custom filter /etc/fail2ban/filter.d/custom.conf [Definition] badagents = 360Spider|ZmEu|Auto Spider 1.0|zgrab/[0-9]*\.[0-9a-zA-Z]*|Wget\(.*\)|MauiBot.* failregex = ^.+?:\d+ <HOST> -.*"(GET|POST|HEAD).*HTTP.*(?:%(badagents)s)"$ ignoreregex = 2. test the custom filter against a log file using the following command fail2ban-regex /path-to-samples/sample.log /etc/fail2ban/filter.d/custom.conf ...

October 16, 2019 · 1 min · 169 words · Akhil Jalagam

Restricting Access with HTTP Basic Authentication in Apache and Nginx

You can restrict access to your website or some parts of it by implementing a username/password authentication. Usernames and passwords are taken from a file created and populated by a password file creation tool, for example, apache2-utils. Creating a Password File Create additional user-password pairs. Omit the -c flag because the file already exists Nginx configuration location /public/ { auth_basic off; } } ...

October 12, 2019 · 1 min · 95 words · Akhil Jalagam

apache2/httpd – IP based restriction to a virtual host

The Require provides a variety of different ways to allow or deny access to resources. In conjunction with the RequireAll, RequireAny, and RequireNone directives, these requirements may be combined in arbitrarily complex ways, to enforce whatever your access policy happens to be. example: <VirtualHost *:80> ServerName example.net Documentroot /var/www/html/ <Location /> Require ip 192.168.0.0/24 10.0.0.2 </Location>; </VirtualHost>

September 26, 2019 · 1 min · 57 words · Akhil Jalagam

How to Redirect HTTP to HTTPS in apache

Install modules Enable modules Method 1 using rewrite module RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] </VirtualHost> Method 2 using redirect method Redirect permanent / https://www.yourdomain.com/ </VirtualHost>

September 4, 2019 · 1 min · 29 words · Akhil Jalagam

How to set up Reverse Proxy in Apache/httpd

Install and enable apache2 proxy modules proxies all requests (“/”) to a single backend: to point to the reverse proxy, instead of back to itself, the ProxyPassReverse directive is most often required: Only specific URIs can be proxied Example ServerName example.net Documentroot /var/www/html/ ProxyPass “/” “http://www.example.com/" ProxyPassReverse “/” “http://www.example.com/" ...

September 2, 2019 · 1 min · 50 words · Akhil Jalagam