Created
May 5, 2024 05:19
-
-
Save dextervip/1ef2d3468667079e6074629df00e632b to your computer and use it in GitHub Desktop.
Fail2ban Postgresql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Definition] | |
| failregex = \{<HOST>\} .+? FATAL: password authentication failed for user .+$ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [postgresql] | |
| # This should be specified in your jail.conf but we'll put it here just in case. | |
| # The localhost might have reasons to probe itself, so it should never be | |
| # blocked. | |
| ignoreip = 127.0.0.1/8 ::1 | |
| # By default, UFW logs to this location. Update as necessary to suit your | |
| # environment. | |
| logpath = /var/log/postgresql/postgresql.log | |
| # Although timeframes are set in the jail.local, you might want to independently | |
| # control them for this particular filter so it's more/less aggressive. | |
| maxretry = 5 | |
| findtime = 300 | |
| # Because this is a custom filter, we need to point F2B to our custom filter. If | |
| # you changed the name of that filter file, then update it here without the | |
| # '.conf' part. | |
| filter = postgresql | |
| enabled = true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment