2022-03-02 00:41:53 +01:00
|
|
|
# {{ ansible_managed }}
|
|
|
|
|
|
|
|
[DEFAULT]
|
|
|
|
ignoreip = 127.0.0.1/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
|
|
|
|
|
2022-03-21 14:29:38 +01:00
|
|
|
destemail = {{ reverse_proxy_default_serveradmin_email }}
|
2022-03-02 00:41:53 +01:00
|
|
|
banaction = nftables-multiport
|
|
|
|
banaction_allports = nftables-allports
|
|
|
|
action = %(action_mwl)s
|
2022-06-10 10:10:35 +02:00
|
|
|
maxretry = 10
|
|
|
|
bantime = 1h
|
2022-03-02 00:41:53 +01:00
|
|
|
|
|
|
|
apache_error_log = /var/log/apache2/*error.log
|
|
|
|
apache_access_log = /var/log/apache2/*access.log
|
|
|
|
|
|
|
|
[sshd]
|
|
|
|
enabled = true
|
|
|
|
|
|
|
|
[apache-auth]
|
|
|
|
enabled = true
|
|
|
|
logpath = %(apache_error_log)s
|
|
|
|
|
|
|
|
[apache-badbots]
|
|
|
|
enabled = true
|
|
|
|
|
|
|
|
[apache-noscript]
|
|
|
|
enabled = true
|
|
|
|
|
|
|
|
[apache-overflows]
|
|
|
|
enabled = true
|
|
|
|
|
|
|
|
[apache-nohome]
|
|
|
|
enabled = true
|
|
|
|
|
|
|
|
[apache-botsearch]
|
|
|
|
enabled = true
|
|
|
|
|
|
|
|
[apache-fakegooglebot]
|
|
|
|
enabled = true
|
|
|
|
|
|
|
|
[apache-shellshock]
|
|
|
|
enabled = true
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[recidive]
|
|
|
|
enabled = true
|
2022-06-10 10:10:35 +02:00
|
|
|
bantime = 4h
|
|
|
|
bantime.increment = true
|
|
|
|
bantime.maxtime = 1w
|