FAIL2BAN - Filter.d - PHPmyAdmin

From Wiki.IT-Arts.net


Filter.d

# /etc/fail2ban/filter.d/phpmyadmin.conf
#
# Fail2Ban configuration file
#
# Bans bots scanning for non-existing phpMyAdmin installations on your webhost.
#
# Author: Gina Haeussge
#
 
[Definition]
 
docroot = /var/www
badadmin = PMA|phpmyadmin|myadmin|mysql|mysqladmin|sqladmin|mypma|admin|xampp|mysqldb|mydb|db|pmadb|phpmyadmin1|phpmyadmin2|administrator|database|sql|phpMyAdmin|MyAdmin|dbadmin|php-myadmin|phpmy-admin|phpmyAdmin
 
# Option:  failregex
# Notes.:  Regexp to match often probed and not available phpmyadmin paths.
# Values:  TEXT
#
failregex = [[]client <HOST>[]] File does not exist: %(docroot)s/(?:%(badadmin)s)
 
# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =


Jail.conf

[phpmyadmin]
enabled = true
port = http,https
logpath = /var/log/nginx/*error.log
maxretry = 1
Retrieved from "https://wiki.it-arts.net/index.php?title=FAIL2BAN_-_Filter.d_-_PHPmyAdmin&oldid=34"