From: mhoellein Date: Thu, 26 Sep 2019 10:30:32 +0000 (+0200) Subject: fail2ban config changed X-Git-Url: https://git.hoellein.online/?a=commitdiff_plain;h=5ece712dc9c04bf7195eae1221ee492ddb638d82;p=vserver fail2ban config changed --- diff --git a/.etckeeper b/.etckeeper index 79094e3e4..14ac9ae75 100755 --- a/.etckeeper +++ b/.etckeeper @@ -1055,7 +1055,10 @@ maybe chmod 0644 'fail2ban/filter.d/zoneminder.conf' maybe chmod 0644 'fail2ban/ip.blacklist' maybe chmod 0644 'fail2ban/jail.conf' maybe chmod 0755 'fail2ban/jail.d' +maybe chmod 0644 'fail2ban/jail.d/apache.conf' +maybe chmod 0644 'fail2ban/jail.d/dovecot.conf' maybe chmod 0644 'fail2ban/jail.d/ip-blacklist.conf' +maybe chmod 0644 'fail2ban/jail.d/postfix.conf' maybe chmod 0644 'fail2ban/jail.d/ssh.conf' maybe chmod 0644 'fail2ban/paths-arch.conf' maybe chmod 0644 'fail2ban/paths-common.conf' @@ -2238,6 +2241,9 @@ maybe chmod 0644 'letsencrypt/csr/0820_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/0821_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/0822_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/0823_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/0824_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/0825_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/0826_csr-certbot.pem' maybe chmod 0700 'letsencrypt/keys' maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/0001_key-certbot.pem' @@ -3063,6 +3069,9 @@ maybe chmod 0600 'letsencrypt/keys/0820_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/0821_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/0822_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/0823_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/0824_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/0825_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/0826_key-certbot.pem' maybe chmod 0700 'letsencrypt/live' maybe chmod 0755 'letsencrypt/live/collabora.hoellein.online' maybe chmod 0644 'letsencrypt/live/collabora.hoellein.online/README' diff --git a/fail2ban/jail.d/apache.conf b/fail2ban/jail.d/apache.conf new file mode 100644 index 000000000..4cdf95c14 --- /dev/null +++ b/fail2ban/jail.d/apache.conf @@ -0,0 +1,17 @@ +[apache-auth] +enabled = true + +[apache-overflows] +enabled = true + +[apache-nohome] +enabled = true + +[apache-botsearch] +enabled = true + +[apache-fakegooglebot] +enabled = true + +[apache-modsecurity] +enabled = true diff --git a/fail2ban/jail.d/dovecot.conf b/fail2ban/jail.d/dovecot.conf new file mode 100644 index 000000000..982ffe744 --- /dev/null +++ b/fail2ban/jail.d/dovecot.conf @@ -0,0 +1,2 @@ +[dovecot] +enabled = true diff --git a/fail2ban/jail.d/postfix.conf b/fail2ban/jail.d/postfix.conf new file mode 100644 index 000000000..14202c72a --- /dev/null +++ b/fail2ban/jail.d/postfix.conf @@ -0,0 +1,3 @@ +[postfix] +enabled = true + diff --git a/fail2ban/jail.d/ssh.conf b/fail2ban/jail.d/ssh.conf index 9eb356c82..6a7e72af7 100644 --- a/fail2ban/jail.d/ssh.conf +++ b/fail2ban/jail.d/ssh.conf @@ -1,2 +1,3 @@ [sshd] +ignoreip = 146.0.121.193 enabled = true diff --git a/letsencrypt/csr/0824_csr-certbot.pem b/letsencrypt/csr/0824_csr-certbot.pem new file mode 100644 index 000000000..0ef5b5eaa --- /dev/null +++ b/letsencrypt/csr/0824_csr-certbot.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICcjCCAVoCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL2n +D6sf1E1mgmyOFfU1heV2NDNwTf2eRHb1wjUEyNog8ZKP3j077KXE6V5cDYNSQQhX +OsrGJqto7I/OUBEmZzV29tw0XNgz6H8ni5q9znVyyGGjqn8VG/UQ6iMdDwc+bOwP +EH6CspkgE/x6/IvDjpao1XL4c+W1aNTElE9Am4x47c4HhIBLz2SfLrg7pkTdPrhZ +OE1aOiFvM+Fj0u6RxV8vsHIg9pJCI4vcVTQ23bfWEcrbsiysGTvU/H8FyoE9s7z7 +pHw4rYT90+iNTSWg2eKs2Zq7Yb9K7GJgHikPcSzm7cbtJl6hESnl/RCAs/Zi6qHe +q+vVOLa+Fm6IObl/E3UCAwEAAaAtMCsGCSqGSIb3DQEJDjEeMBwwGgYDVR0RBBMw +EYIPaG9lbGxlaW4ub25saW5lMA0GCSqGSIb3DQEBCwUAA4IBAQBsi5mUOT4ObocS +x4ai8F7lLcBmiPtbaTO+BCG/wgNjR7zWTta5FjDL5QnKXrlR+RWqnLIX1Il17LpJ +ZqxefBYVRYnW0ovlnXxjRAYIcqfRfgvsy5ILL0sZQ6JrupAm5qWKomtpfDfFOdo+ +wH+xsPuij+wWtSNsdD+31geM0kj94a7a5r1Va0RGsXAhSQTr4UhU/tcb0/ZCl+9E +5uGBJ2oDnOtuVrUKeqrpYzFrctFLXvxgcAXfhfvF1Po0R2D2Y/EFOdhoBoYtvH2h +Axo6pMUQHuH6WdWRU3/5cHUxC6Cd76U+c8wfPeFmbU3grKo6EDxGIBA4fPbT8WPk +vmVoIXT/ +-----END CERTIFICATE REQUEST----- diff --git a/letsencrypt/csr/0825_csr-certbot.pem b/letsencrypt/csr/0825_csr-certbot.pem new file mode 100644 index 000000000..201ca178a --- /dev/null +++ b/letsencrypt/csr/0825_csr-certbot.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICozCCAYsCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKgP +koyZmJQVk5B4yY1DjH0ZqPL6/alUlhoI1pH0BThhwADxF0bjyWA1gLBx7xGrjMHy +xp97icowZBLo4/8151MBQZ2jSDHtf82tBsJtX5kxrtWOx45GjenYI7deOgT7GJFt +GJNVvRDBk/7sAk/B0lkMDGzmrqBO/E8kruD4R8I+msdxCBDUf8Npkl2WwL84dVnl +acO8j8e2lyF+QJWnHewjyRO0MsCv8Vqt5lvqLds7pf2UzEpQfzfvttuzTSFjbNzh +5RvN1PHRV3wySqWHIXEnKLpm1YK4KB7laTXGHJ8urY2fQ7kPVLs1A8ZrHbaOtyrZ +0TqN/OMTNBBgfZjILDMCAwEAAaBeMFwGCSqGSIb3DQEJDjFPME0wSwYDVR0RBEQw +QoIUbWFpbC5ob2VsbGVpbi5vbmxpbmWCFGltYXAuaG9lbGxlaW4ub25saW5lghRz +bXRwLmhvZWxsZWluLm9ubGluZTANBgkqhkiG9w0BAQsFAAOCAQEAMYB18nCwcagE +82nAlDIXLMD3BaTok+O17F+fFR+SuX2Q0cDUa/BlQldhya++sdkP+/HiwxCkXl/h +2h3hbo00Aw3cSQ2Ak/zFrPBlhNgiSjgoe5nygDrC5wByXnJMtCNupm7MVhdFBtmG +xFbcIPnnyybhUgg4KhHNJuxLZqfNount3S/TfRxcx0bAR71QzKdeAOj8AoYn5pPU +5HaLrwRw5tNSKecPhqNUMb/8JqwkxO+m4gAfver//lg6l/4zFKpjC/1XKlsthMum +M64cDRQxdUtoFgE/AzqTP8kI1jGoLZ6ll5kEBOPj+DVrm2TJbN6cUhabNngm4oT0 +HF6q7Wm0XA== +-----END CERTIFICATE REQUEST----- diff --git a/letsencrypt/csr/0826_csr-certbot.pem b/letsencrypt/csr/0826_csr-certbot.pem new file mode 100644 index 000000000..c3d4773bb --- /dev/null +++ b/letsencrypt/csr/0826_csr-certbot.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICozCCAYsCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7N +ag1j2O5QEcA1bsuldhZabm+7vH1SWRyg7VXPNQ+6OEdGvUsHTy6VnH0yXEx+IQ21 +WRxiezr2hHDonDvnNKjx3sZ74aUW2AEHVMp51/3jB5m8ztFL04Ck1KcvJtWN3YjK +goL188okSoFTLr4JzjyB6UznTGfWTKmhk9Hom9D1sCa1b2wFiBhMHA4d3rnHhDJT +maU8yWAZ3OafzU0RTCYR7pcSFsOWhduIo2cN4Mz2b/rAtoCtiSixhPyhgN2S16P6 +yAcvE/RW+cgFEpKjqifU1uP5nzEtRWZsVaUHIB0q0IS++p2R/oGxXPnQFEKpTcZV +NNIkjGAUQ38iyf86WL8CAwEAAaBeMFwGCSqGSIb3DQEJDjFPME0wSwYDVR0RBEQw +QoIdc2llZGxlcnZlcmVpbi13aXR0Z2Vuc2RvcmYuZGWCIXd3dy5zaWVkbGVydmVy +ZWluLXdpdHRnZW5zZG9yZi5kZTANBgkqhkiG9w0BAQsFAAOCAQEAZn85K1Hb2xvS +I92zFv+dVFoeiCviV4DmeZ1m2TVkiURaBNFBVNBnKMXa5oCjgWeE2xGYjk4avYEV +w/3CIfoR3hkA+eYuwZa9oIghzDH3OTH19bYOd4WKjyoEgZD848TFiarsSgUfQcd5 +NLuDmnq6sPq7xpR2X550Nc7IjESbwHyTlfKzh26qYzZZmxZ94ieMO7t1PXB/0sBz +EfVNtHrBB58top7zfRYIojbH81tHSiPvRVCr3Tr+q9iVxdLi39ajMn5mHnfUHJyk +Nb01wuiwY1SRk+xrfFdsei33YAGX0lyLMDysU26pb8y4HZQNCkD9CThyG3N7Q+xC +akuC7EtNZQ== +-----END CERTIFICATE REQUEST----- diff --git a/letsencrypt/keys/0824_key-certbot.pem b/letsencrypt/keys/0824_key-certbot.pem new file mode 100644 index 000000000..4f7afac37 --- /dev/null +++ b/letsencrypt/keys/0824_key-certbot.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC9pw+rH9RNZoJs +jhX1NYXldjQzcE39nkR29cI1BMjaIPGSj949O+ylxOleXA2DUkEIVzrKxiaraOyP +zlARJmc1dvbcNFzYM+h/J4uavc51cshho6p/FRv1EOojHQ8HPmzsDxB+grKZIBP8 +evyLw46WqNVy+HPltWjUxJRPQJuMeO3OB4SAS89kny64O6ZE3T64WThNWjohbzPh +Y9LukcVfL7ByIPaSQiOL3FU0Nt231hHK27IsrBk71Px/BcqBPbO8+6R8OK2E/dPo +jU0loNnirNmau2G/SuxiYB4pD3Es5u3G7SZeoREp5f0QgLP2Yuqh3qvr1Ti2vhZu +iDm5fxN1AgMBAAECggEAD4CRYk6GvxDrBk6S8uk+GaSQ3ceHSHzgYczy4/yRImtg +87b41o6IaIBxBvqFTD+z+yeOMbcCwC4icBrQJqa59v/Ta+qH0FBl58bmvW5YavdH +89s5+4tRLrYEPXyJlvD+XEla8sxiJuwdVh0DebUxeZUxZWVzq8opWIL9EIFadZ/k +wQK2CE6AsSn8FAZb2bKj/NQUGlbAQvRjYtjiUWkUA+UURVDYE9grZ/8n0rm5BQCP +CZ2POxwf+kdr/8ipR9UtZnf+Z51Stt+mU/NUXWWqeGyYLjLwRIwXVShiO3pEmZbM +XGaenpAufaS2dMoaCx8OZ/tXEWOEr0A7wHZf2GGJAQKBgQDv/JD0ugT4B26XFWiO +eD7/YrLqmZT9sV+cD3ti5K1BNGk2HtVtsEM8jyOeld1gZyZsiZ9YpMs6O0LDOzS4 +GRjISXk810Qgu5DzhI6I9x3pXv7K9nImpciTGwftttC97lqhkINAfakOB58tx57n +szposC4ZI9KujJRzcfURz3HAQQKBgQDKTrFvLqr1AitS9tzZANOweVgT9FbE+2Em +mVymaEFAmKKhA8U7Vn2r9g1aumAAODDo9kaVbMQAxN1tueq7H1dfZtOmgRRcaoBE +z+quKh0P2+SynK6dVBR9cThkQUlB8inz19eePGWKJKgBcCMVjvH00xHeAzDwM/aN +HUF4vEDGNQKBgHjxjAwJg1+MP0uc2miSaQ1DrG9WnyOLNGft1XztSfNGeo9v0pfI +8NmgOY8+b6aZ1V91q/x8cH8URn0lZVgyLa8ieBsVUZw9aruO3lZgU4689SNMOBMK +EZ8xTDmcnG5bpQkvTzY9HemYJbxokcirJpCD2XeJ+i9FYbscfylOpkEBAoGADZRQ +pqTcRsvZep0lX8+FZhAPEG/TLy+sarnalTTkRGC6cdJd98ircNJ4PQHLldgvuENn +o3oEggS01DupfNvysm2lgUSiyD1B1Nyb5QrgnoLlC/QmaFsPcQgbf+c98pY9qKdx +SqbFLgud11LemADbTtKoHV3beBQU1Y4EKgWA140CgYEAxRg8MqH5A2m/gR8g1vkJ +v0EzrVJrMMmJD+Ecy50zmU6gEyZJpdJrp0FvnVyR5RBRodnfJ5UsBHx1al7U65SB +GmsnWinsXtUbfxkTH/hSIFNnF6P8UfMWLM6ZdjfFoo72AvD9WpMmHNWASF9CokYk +KHIN/2vLxrYwn5CYBKzk8H8= +-----END PRIVATE KEY----- diff --git a/letsencrypt/keys/0825_key-certbot.pem b/letsencrypt/keys/0825_key-certbot.pem new file mode 100644 index 000000000..fe360d40e --- /dev/null +++ b/letsencrypt/keys/0825_key-certbot.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCoD5KMmZiUFZOQ +eMmNQ4x9Gajy+v2pVJYaCNaR9AU4YcAA8RdG48lgNYCwce8Rq4zB8safe4nKMGQS +6OP/NedTAUGdo0gx7X/NrQbCbV+ZMa7VjseORo3p2CO3XjoE+xiRbRiTVb0QwZP+ +7AJPwdJZDAxs5q6gTvxPJK7g+EfCPprHcQgQ1H/DaZJdlsC/OHVZ5WnDvI/Htpch +fkCVpx3sI8kTtDLAr/FareZb6i3bO6X9lMxKUH8377bbs00hY2zc4eUbzdTx0Vd8 +MkqlhyFxJyi6ZtWCuCge5Wk1xhyfLq2Nn0O5D1S7NQPGax22jrcq2dE6jfzjEzQQ +YH2YyCwzAgMBAAECggEABf7YOY/ZM585bnQArLt2LZhWwKRXnEzaNf+OuBI+hW5n +TSFMtUi3DGmcN6842iaGlPy2PUZI+h+T0mDgkWA46msnDhqfHrjcUFgV36XLPUna +dN/tGpRFx8vgKlCAPWE/1SBROiBa6FgfkX6V7oZ5nJejcdcg77MhqSkj2/6/gJxw +VTx5kqGOYzdLqDMn0v8RpvzYdXWaey5S1tIlh9WZF9aLHtnYdxsLlPgBsw1QebKE +1urg2R2j7Yx6i2jx8+sTTk6ra8EP2DGZzWYHFt4BocLCIGJ4NsUG8Nuplx706buU +oge8yuOedguXb5W/OFjhpq3bCljS4pR+Dw6GAYmkEQKBgQDYJLni4+csmphjndjj +NXrJYo99azmgKxNK0iViGtWZAiblgnJMXH2d7pc/Ci5VASjvicdSjXPh0Bc0wHYw +iHQlE8kER2CjVRutM0yj9E26uRExIN5Dz0k4jXr9mGsdmpndqQt0pmRX1Os0wXLt +qcVS7P+5wl6Q24vL2UBVpzJHHQKBgQDHDQ5vEr5ZbPU4cJjadJ65GXGTnwUF3O7Y +/t6iQmoN2EoWcIWklw5WDG9FiJbjsMtDUzQ1Mb/QFM3EeQXG4KapFb8fMhoFdSIQ +4cVn9oY2WQBMqXRbQWwe4fAsrbhITeOb0NPiDnZIROLwnXn2AdN3H3dbjalDzOhZ +l6L+/FrPjwKBgQC0rSaRyg6RU311MBp/+1FzjCcEISCficJrtfS36FSKvajEC2H+ +AQakgS/+60TFm92bNqHemQ24QllTqFpjwXzNDZfoMr5OajNjedFj8DEVl+QOHDqP +lnPPiTy5RbKsoXJjPw6raPfSD9K5W8f1cQfYhPJTVm30SwG12hoUP1og5QKBgGOU +6ZqyAt7UPt4snpvz6hBqZULYNHgZbrjK0XDVzx78DRyq0IFmPPrZn7Vmvy5MHXSi +JKVULUUZk1Puw/AaJebDhWlC9He0gQV3Hf6D++MmpZq00Axzb3cHy9NeWap6pRsn +30jhuVUweWStM/3aLgQTjvATsBHGapuf3CC6+WeLAoGBAJW2dy80ugSDDZ/00aZ/ +lo5gPM6fOeRq+uUnyCt762O2SwrmqsiGAq1SrddYdvA5Iq4tffnzZPleDmVJuGfO +LOupiklrItzUSkDu72ucj51jZZL7siRrFl3vLrH4dvjt+4CpN7xiTdiU/g5Evj2j +SVlWtpvUeDpI9hr5Cqsiofx5 +-----END PRIVATE KEY----- diff --git a/letsencrypt/keys/0826_key-certbot.pem b/letsencrypt/keys/0826_key-certbot.pem new file mode 100644 index 000000000..fcf53b5cd --- /dev/null +++ b/letsencrypt/keys/0826_key-certbot.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC+zWoNY9juUBHA +NW7LpXYWWm5vu7x9UlkcoO1VzzUPujhHRr1LB08ulZx9MlxMfiENtVkcYns69oRw +6Jw75zSo8d7Ge+GlFtgBB1TKedf94weZvM7RS9OApNSnLybVjd2IyoKC9fPKJEqB +Uy6+Cc48gelM50xn1kypoZPR6JvQ9bAmtW9sBYgYTBwOHd65x4QyU5mlPMlgGdzm +n81NEUwmEe6XEhbDloXbiKNnDeDM9m/6wLaArYkosYT8oYDdktej+sgHLxP0VvnI +BRKSo6on1Nbj+Z8xLUVmbFWlByAdKtCEvvqdkf6BsVz50BRCqU3GVTTSJIxgFEN/ +Isn/Oli/AgMBAAECggEAO8AB5P2Oklp6pJFXB+jhyPA6wzysMyaVh1SR3hxMRoeP +Viq93oAEeNcbMU2S/9VDrpJKvIvOgVFvehgtzMiDgiB0Hf3vVI6JyBCuqdVsITJ2 +T9uDfKFdM1zqxwwKAjgx1sNsCWzSEkw5FLSi35ocfnBESfPoxl+ilEBoFQTdvpqX +SdYM44dIoI6pfkLsq4Tx5lR2wcpVLii+yfkpWPXsp67Xl0HRtZzrWY8TuUVvu8q9 +HPggtE1sr7vO8HZiVPqCmP6Cs8z3QUjCZPTLtmUShRQSglmJkphekIGmU8zy/YRC +eAyMsn+Qp+V3WlhZT2DBF8NDZVHBdVYHeJYQ0suYqQKBgQDeFKiD80aiGLRe/non +8U7o6lQRl7eX8Bzg9KoVnJHw3MO6m6exK5rRPFoJGhC4i2zk306BWlunuRUslXAS +1Y6MX+lO3OJb9gY8mK9dx2S5tMYXyd68el6nrECgpmBxqBrNtLB8skxRdQRL9nxz +7kJeUXz3HenvrIjg0pZrarzIbQKBgQDb8cbIc1FDoPmrdiThk0ALisdGA2ck4fZc +eJPrOs2/LnfWU9Zbq+74YtQTp3JsaPk8LTSw3AyWt0Q/M98uGThaPZsANx1K6CY1 +EwEgHcAU6JQVjXy3+idnF+8GJMrlQuoqZpce5Jhs4OQ1xpIJfMEKUY1Ffi2UaudF +Gnkqyl9CWwKBgQCeMQL0sub+cjCRdh3Xs+ksujZWLcdGgHBhwYYiTNwcQXVeyJ/D +8Tafkqjj0OBWRGK2CWcndxDQwWMW1f/2Oo8G6Q8M8QSA0xgQNAa++1iBfAabTV3O +zi/8qhODG+CZNVCadPo+aNc6MutznMl73x0BiHRGptVLt4/s7bTeITMGZQKBgGhs +Ss9iiKOOKttwFSSP76lLMz8XYIIPUhMnIDtfSM3K9xRn627Mm4GMElpedqHn2OTs +JYcOgl+QFTPYoc5WJP4bH5sjj6G/xFwQcMlZtpd2sM/mw97pQoncwBvvnfDpKxoE +aR0+tOuEfnTVmQIuG8yVWXgz5tn/Q1v4rKxXNpDfAoGAdCftxjxASVejt8eH4QQN +dmLSLUi/gyPnH6EZU7tLNxiATbJHCFBvNBw88pa5EJ2sBP1lITnXkgBPlPs8EhM5 +02COKbhd78UV60VXnyjCFdP/uxCy115f3ZxY0uKdQ3P+q9lyMO0g2hJ8gLDyUeho +eNe0tAA8tg48D6NzCwfrvRw= +-----END PRIVATE KEY-----