You are here

Home » API reference » Fail2ban Firewall Integration 7.2

README.txt in Fail2ban Firewall Integration 7.2

Same filename and directory in other branches
  1. 6 README.txt
  2. 7 README.txt
== FAIL2BAN ==

This module allows you to submit IP addresses to the firewall, to stop
them comment spamming your site or performing brute-force dictionary
attacks.

The fail2ban daemon monitors application and system log files such as
/var/log/auth.log or /var/log/apache/access.log and bans IP addresses by
updating or adding firewall rules. The expiry time of these bans and other
options can be configured.

Note that you do not need this module if Drupals syslog module already logs
all events you want to sue for fail2ban actions!

== REQUIREMENTS ==

To make use of fail2ban you will need to install the fail2ban system utility.
For most distributions it is already packaged. See http://www.fail2ban.org/
for more info.


== INSTALLATION ==

1. Extract the module to sites/*/modules and enable it via the module
   admin page.

2. In the contrib/ directory you will find the jail.local.conf file,
   which contains configuration snippets. You can add these snippets to
   your /etc/fail2ban/jail.conf file or copy the entire file to
   /etc/fail2ban/jail.local. The latter is the recommended method.

   The filters are DISABLED by default in jail.local, so you need to
   enable the jails by setting "enabled = true".

   Copy the filters from contrib/filter.d to /etc/fail2ban/filter.d

3. Restart fail2ban via "/etc/init.d/fail2ban restart".

The system utility se pre-configured with the localhost address whitelisted.
It is a good diea to also whitelist the IP address you use you manage your
Drupal site.


== CONFIGURATION ==

Browse to http://example.com/?q=admin/config/development/logging/fail2ban to
change the fail2ban settings.

When the checkbox on http://example.com/?q=admin/content/comment site is
enabled and a comment is selected to be unpublished, the module will create
a log entry, which in turn causes fail2ban to block the IP address that the
comment was submitted from for the period set in /etc/fail2ban/jail.local.


== AUTHORS ==

Peter Lieverdink <me@cafuego.net>

Additional jails were provided by Tipi Koivisto <tipi@koivisto.eu>


== LICENSE ==

http://www.gnu.org/licenses/gpl-2.0.html

File

README.txt
View source 
  1. == FAIL2BAN ==

  2. 

  3. This module allows you to submit IP addresses to the firewall, to stop

  4. them comment spamming your site or performing brute-force dictionary

  5. attacks.

  6. 

  7. The fail2ban daemon monitors application and system log files such as

  8. /var/log/auth.log or /var/log/apache/access.log and bans IP addresses by

  9. updating or adding firewall rules. The expiry time of these bans and other

  10. options can be configured.

  11. 

  12. Note that you do not need this module if Drupals syslog module already logs

  13. all events you want to sue for fail2ban actions!

  14. 

  15. == REQUIREMENTS ==

  16. 

  17. To make use of fail2ban you will need to install the fail2ban system utility.

  18. For most distributions it is already packaged. See http://www.fail2ban.org/

  19. for more info.

  20. 

  21. 

  22. == INSTALLATION ==

  23. 

  24. 1. Extract the module to sites/*/modules and enable it via the module

  25.    admin page.

  26. 

  27. 2. In the contrib/ directory you will find the jail.local.conf file,

  28.    which contains configuration snippets. You can add these snippets to

  29.    your /etc/fail2ban/jail.conf file or copy the entire file to

  30.    /etc/fail2ban/jail.local. The latter is the recommended method.

  31. 

  32.    The filters are DISABLED by default in jail.local, so you need to

  33.    enable the jails by setting "enabled = true".

  34. 

  35.    Copy the filters from contrib/filter.d to /etc/fail2ban/filter.d

  36. 

  37. 3. Restart fail2ban via "/etc/init.d/fail2ban restart".

  38. 

  39. The system utility se pre-configured with the localhost address whitelisted.

  40. It is a good diea to also whitelist the IP address you use you manage your

  41. Drupal site.

  42. 

  43. 

  44. == CONFIGURATION ==

  45. 

  46. Browse to http://example.com/?q=admin/config/development/logging/fail2ban to

  47. change the fail2ban settings.

  48. 

  49. When the checkbox on http://example.com/?q=admin/content/comment site is

  50. enabled and a comment is selected to be unpublished, the module will create

  51. a log entry, which in turn causes fail2ban to block the IP address that the

  52. comment was submitted from for the period set in /etc/fail2ban/jail.local.

  53. 

  54. 

  55. == AUTHORS ==

  56. 

  57. Peter Lieverdink 

  58. 

  59. Additional jails were provided by Tipi Koivisto 

  60. 

  61. 

  62. == LICENSE ==

  63. 

  64. http://www.gnu.org/licenses/gpl-2.0.html