/[smecontribs]/rpms/smeserver-fail2ban/contribs10/smeserver-fail2ban-0.1.18-bz11651-wordpress.patch
ViewVC logotype

Annotation of /rpms/smeserver-fail2ban/contribs10/smeserver-fail2ban-0.1.18-bz11651-wordpress.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Thu Dec 9 01:43:53 2021 UTC (2 years, 10 months ago) by jpp
Branch: MAIN
CVS Tags: smeserver-fail2ban-0_1_18-27_el7_sme, smeserver-fail2ban-0_1_18-31_el7_sme, smeserver-fail2ban-0_1_18-24_el7_sme, smeserver-fail2ban-0_1_18-30_el7_sme, smeserver-fail2ban-0_1_18-25_el7_sme, smeserver-fail2ban-0_1_18-22_el7_sme, smeserver-fail2ban-0_1_18-32_el7_sme, smeserver-fail2ban-0_1_18-28_el7_sme, smeserver-fail2ban-0_1_18-29_el7_sme, smeserver-fail2ban-0_1_18-21_el7_sme, smeserver-fail2ban-0_1_18-23_el7_sme, smeserver-fail2ban-0_1_18-26_el7_sme, HEAD
* Wed Dec 08 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.1.18-21.sme
- update wordpress filters [SME: 11651]

1 jpp 1.1 diff -Nur --no-dereference smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/wordpress-hard.conf smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/wordpress-hard.conf
2     --- smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/wordpress-hard.conf 2021-12-08 20:16:46.701000000 -0500
3     +++ smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/wordpress-hard.conf 2021-12-08 20:36:17.648000000 -0500
4     @@ -9,13 +9,15 @@
5    
6     _daemon = (?:wordpress|wp)
7    
8     -failregex = ^%(__prefix_line)sAuthentication attempt for unknown user .* from <HOST>$
9     +failregex = ^%(__prefix_line)sSpam comment \d+ from <HOST>$
10     + ^%(__prefix_line)sAuthentication attempt for unknown user .* from <HOST>$
11     + ^%(__prefix_line)sXML-RPC multicall authentication failure from <HOST>$
12     ^%(__prefix_line)sBlocked user enumeration attempt from <HOST>$
13     ^%(__prefix_line)sBlocked authentication attempt for .* from <HOST>$
14     + ^%(__prefix_line)sAuthentication attempt for unknown user .* from <HOST>$
15     + ^%(__prefix_line)sREST authentication attempt for unknown user .* from <HOST>$
16     ^%(__prefix_line)sPingback error .* generated from <HOST>$
17     - ^%(__prefix_line)sSpam comment \d+ from <HOST>$
18     ^%(__prefix_line)sXML-RPC authentication attempt for unknown user .* from <HOST>$
19     - ^%(__prefix_line)sXML-RPC multicall authentication failure from <HOST>$
20    
21     ignoreregex =
22    
23     diff -Nur --no-dereference smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/wordpress-soft.conf smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/wordpress-soft.conf
24     --- smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/wordpress-soft.conf 2021-12-08 20:16:46.706000000 -0500
25     +++ smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/wordpress-soft.conf 2021-12-08 20:24:58.531000000 -0500
26     @@ -21,8 +21,11 @@
27     # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
28     # Values: TEXT
29     #
30     -failregex = ^%(__prefix_line)sAuthentication failure for .* from <HOST>$
31     +failregex = ^%(__prefix_line)sEmpty username from <HOST>$
32     + ^%(__prefix_line)sAuthentication failure for .* from <HOST>$
33     ^%(__prefix_line)sXML-RPC authentication failure from <HOST>$
34     + ^%(__prefix_line)sREST authentication failure for .* from <HOST>$
35     + ^%(__prefix_line)sXML-RPC authentication failure for .* from <HOST>$
36    
37     # Option: ignoreregex
38     # Notes.: regex to ignore. If this regex matches, the line is ignored.

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed