From 9557b229414db58989252574f2e388268c0ad04f Mon Sep 17 00:00:00 2001
From: Bram Prieshof <bram@bprieshof.nl>
Date: Thu, 6 Aug 2020 14:15:14 +0200
Subject: [PATCH] Added php app Jails for F2B

---
 config/fail2ban/Filters/phpapp-AD         |  2 --
 config/fail2ban/Filters/phpapp-AD.filter  |  2 ++
 config/fail2ban/Filters/phpapp-UA.filter  |  2 ++
 config/fail2ban/Filters/phpapp-UA.local   |  2 --
 config/fail2ban/Jails/phpapp_unconfigured | 13 +++++++++++++
 5 files changed, 17 insertions(+), 4 deletions(-)
 delete mode 100644 config/fail2ban/Filters/phpapp-AD
 create mode 100644 config/fail2ban/Filters/phpapp-AD.filter
 create mode 100644 config/fail2ban/Filters/phpapp-UA.filter
 delete mode 100644 config/fail2ban/Filters/phpapp-UA.local
 create mode 100644 config/fail2ban/Jails/phpapp_unconfigured

diff --git a/config/fail2ban/Filters/phpapp-AD b/config/fail2ban/Filters/phpapp-AD
deleted file mode 100644
index 35a9a41..0000000
--- a/config/fail2ban/Filters/phpapp-AD
+++ /dev/null
@@ -1,2 +0,0 @@
-[Definition]
-failregex =  Access Denied from
\ No newline at end of file
diff --git a/config/fail2ban/Filters/phpapp-AD.filter b/config/fail2ban/Filters/phpapp-AD.filter
new file mode 100644
index 0000000..801e7d1
--- /dev/null
+++ b/config/fail2ban/Filters/phpapp-AD.filter
@@ -0,0 +1,2 @@
+[Definition]
+failregex =  Access Denied from <HOST>
\ No newline at end of file
diff --git a/config/fail2ban/Filters/phpapp-UA.filter b/config/fail2ban/Filters/phpapp-UA.filter
new file mode 100644
index 0000000..009dc31
--- /dev/null
+++ b/config/fail2ban/Filters/phpapp-UA.filter
@@ -0,0 +1,2 @@
+[Definition]
+failregex = Unauthorized Access from <HOST>
\ No newline at end of file
diff --git a/config/fail2ban/Filters/phpapp-UA.local b/config/fail2ban/Filters/phpapp-UA.local
deleted file mode 100644
index fcd4f63..0000000
--- a/config/fail2ban/Filters/phpapp-UA.local
+++ /dev/null
@@ -1,2 +0,0 @@
-[Definition]
-failregex = Unauthorized Access from
\ No newline at end of file
diff --git a/config/fail2ban/Jails/phpapp_unconfigured b/config/fail2ban/Jails/phpapp_unconfigured
new file mode 100644
index 0000000..69323bb
--- /dev/null
+++ b/config/fail2ban/Jails/phpapp_unconfigured
@@ -0,0 +1,13 @@
+[PHP-AD_SITEname]
+enabled = true
+filter = phpapp-AD
+logpath = /var/log/PHPapp/SITEname
+port = http,https
+
+[PHP-UA_SITEname]
+enabled = true
+maxretry = 20
+bantime  = 8h
+filter = phpapp-UA
+logpath = /var/log/PHPapp/SITEname
+port = http,https