Re: fail2ban for apache2
On Saturday 09 November 2019 08:59:14 Michael wrote:
> > Rather then to use fail2ban for this, I would create un ipset that
> > fail2ban can populate then use that ipset in iptables.
>
> i agree, but:
> > One advantage of this is that you can add/delete ip from the ipset
> > without having to restart fail2ban/iptables.
>
> RTFM
>
> fail2ban allows you to 'unban' an ip address as well:
> > man fail2ban-client
>
> set <JAIL> unbanip <IP>
> manually Unban <IP> in <JAIL>
>
Whats this "jail"? The beginners tut seems to assume we've all had cs101
thru cs401 and Just Know all the secret handshakes bs already. Sorry,
I've been hiding behind dd-wrt for about 2 decades and never had to
worry about it before.
Besides that the jail.d subdir of the install is empty. No jail.example
file to give one an inkling of what its supposed to be like. Theres
zero tutorial value in that. I was able, with the help of another
responder to carve up some iptables rules to stop the DDOS that semrush,
yandex, bingbot, and 2 or 3 others were bound to do to me.
Understand I have no objections to those folks indexing my site so their
search engines can find stuff, but to just repeatedly download the whole
thing, copying it forever, reaching into nooks and crannies I don't even
link to, using all my upload bandwidth for weeks at a time, will bring
me to battle stations. And we both will suffer because of their poor
behavior.
> greetings...
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
Genes Web page <http://geneslinuxbox.net:6309/gene>
Reply to: