Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix Fail2ban

Browse Source
This commit is contained in:
VirtuBox
2019-07-18 14:32:41 +02:00
parent 595f80f132
commit 8906fa2c61
3 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
wo/cli/plugins/stack.py
View File

@@ -1093,6 +1093,17 @@ class WOStackController(CementBaseController):
out=wo_fail2ban) out=wo_fail2ban)
wo_fail2ban.close() wo_fail2ban.close()
Log.debug(self, "Setting up fail2ban wp filter")
wo_fail2ban = open('/etc/fail2ban/filter.d/'
'nginx-forbidden.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'fail2ban-forbidden.mustache',
out=wo_fail2ban)
wo_fail2ban.close()
WOGit.add(self, ["/etc/fail2ban"],
msg="Adding Fail2ban into Git")
WOService.reload_service(self, 'fail2ban')
if (packages): if (packages):
if any('/usr/local/bin/wp' == x[1] for x in packages): if any('/usr/local/bin/wp' == x[1] for x in packages):
Log.debug(self, "Setting Privileges" Log.debug(self, "Setting Privileges"

10
wo/cli/plugins/stack_services.py
View File

@@ -70,7 +70,7 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
@@ -134,7 +134,7 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
@@ -201,7 +201,7 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
@@ -266,7 +266,7 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
@@ -332,7 +332,7 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")

2
wo/cli/templates/fail2ban.mustache
View File

@@ -17,7 +17,7 @@ maxretry = 5
[nginx-forbidden] [nginx-forbidden]
enabled = true enabled = true
filter = nginx-forbidden filter = nginx-forbidden
port = http,https action = iptables-multiport[name="wo-wordpress", port="http,https"]
logpath = /var/log/nginx/*error*.log logpath = /var/log/nginx/*error*.log
findtime = 60 findtime = 60
bantime = 6000 bantime = 6000