File: //etc/fail2ban/jail.local
#fail2ban local settings
#These settings override the settings in jail.conf
[sshd_root]
logpath = /var/log/auth.log
maxretry = 2
enabled = true
filter = sshd_root
bantime = 3600
action = nftables-allports
failcentral-dreamhost
[418]
action = nftables-allports
failcentral-dreamhost
maxretry = 25
logpath = /var/log/apache2/apache2-*.mega.log
enabled = true
filter = 418
[xmlrpc]
maxretry = 150
filter = xmlrpc
logpath = /var/log/apache2/apache2-*.mega.log
enabled = true
action = nftables-allports
failcentral-dreamhost
[wp]
maxretry = 4
enabled = true
logpath = /var/log/apache2/apache2-*.mega.log
action = nftables-allports
failcentral-dreamhost
filter = wp
[sasl]
port = smtp,ssmtp
enabled = false
logpath = /var/log/mail.log
action = nftables-allports
maxretry = 50
filter = postfix-sasl
[ssh]
action = nftables-allports
failcentral-dreamhost
port = ssh
maxretry = 25
logpath = /var/log/auth.log
enabled = true
filter = sshd
bantime = 3600
[proftpd]
maxretry = 50
action = nftables-allports
failcentral-dreamhost
filter = proftpd
logpath = /var/log/auth.log
enabled = true
[DEFAULT]
ignoreip = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 64.90.32.0/19 64.111.96.0/19 66.33.192.0/19 67.205.0.0/18 69.163.128.0/17 75.119.192.0/19 107.180.224.0/19 173.236.128.0/17 205.196.208.0/20 208.97.128.0/18 208.113.128.0/17 173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 104.16.0.0/12 172.64.0.0/13 131.0.72.0/22 122.248.245.244/32 54.217.201.243/32 54.232.116.4/32 192.0.80.0/20 192.0.96.0/20 192.0.112.0/20 195.234.108.0/22 192.0.96.202/32 192.0.98.138/32 192.0.102.71/32 192.0.102.95/32 187.143.97.53 49.228.98.165 77.102.83.128 39.37.138.39 106.167.163.193
bantime = 3600
maxretry = 50
backend = polling
[bot-shells]
maxretry = 5
filter = bot-shells
action = nftables-allports
failcentral-dreamhost
enabled = true
logpath = /var/log/apache2/apache2-*.mega.log