/[smecontribs]/rpms/smeserver-fail2ban/contribs10/smeserver-fail2ban-0.1.18-bz11651-wordpress.patch
ViewVC logotype

Contents of /rpms/smeserver-fail2ban/contribs10/smeserver-fail2ban-0.1.18-bz11651-wordpress.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Thu Dec 9 01:43:53 2021 UTC (2 years, 5 months ago) by jpp
Branch: MAIN
CVS Tags: smeserver-fail2ban-0_1_18-27_el7_sme, smeserver-fail2ban-0_1_18-31_el7_sme, smeserver-fail2ban-0_1_18-24_el7_sme, smeserver-fail2ban-0_1_18-30_el7_sme, smeserver-fail2ban-0_1_18-25_el7_sme, smeserver-fail2ban-0_1_18-22_el7_sme, smeserver-fail2ban-0_1_18-21_el7_sme, smeserver-fail2ban-0_1_18-28_el7_sme, smeserver-fail2ban-0_1_18-29_el7_sme, smeserver-fail2ban-0_1_18-23_el7_sme, smeserver-fail2ban-0_1_18-26_el7_sme, HEAD 
* Wed Dec 08 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.1.18-21.sme
- update wordpress filters [SME: 11651]
1 diff -Nur --no-dereference smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/wordpress-hard.conf smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/wordpress-hard.conf
2 --- smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/wordpress-hard.conf 2021-12-08 20:16:46.701000000 -0500
3 +++ smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/wordpress-hard.conf 2021-12-08 20:36:17.648000000 -0500
4 @@ -9,13 +9,15 @@
5
6 _daemon = (?:wordpress|wp)
7
8 -failregex = ^%(__prefix_line)sAuthentication attempt for unknown user .* from <HOST>$
9 +failregex = ^%(__prefix_line)sSpam comment \d+ from <HOST>$
10 + ^%(__prefix_line)sAuthentication attempt for unknown user .* from <HOST>$
11 + ^%(__prefix_line)sXML-RPC multicall authentication failure from <HOST>$
12 ^%(__prefix_line)sBlocked user enumeration attempt from <HOST>$
13 ^%(__prefix_line)sBlocked authentication attempt for .* from <HOST>$
14 + ^%(__prefix_line)sAuthentication attempt for unknown user .* from <HOST>$
15 + ^%(__prefix_line)sREST authentication attempt for unknown user .* from <HOST>$
16 ^%(__prefix_line)sPingback error .* generated from <HOST>$
17 - ^%(__prefix_line)sSpam comment \d+ from <HOST>$
18 ^%(__prefix_line)sXML-RPC authentication attempt for unknown user .* from <HOST>$
19 - ^%(__prefix_line)sXML-RPC multicall authentication failure from <HOST>$
20
21 ignoreregex =
22
23 diff -Nur --no-dereference smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/wordpress-soft.conf smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/wordpress-soft.conf
24 --- smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/wordpress-soft.conf 2021-12-08 20:16:46.706000000 -0500
25 +++ smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/wordpress-soft.conf 2021-12-08 20:24:58.531000000 -0500
26 @@ -21,8 +21,11 @@
27 # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
28 # Values: TEXT
29 #
30 -failregex = ^%(__prefix_line)sAuthentication failure for .* from <HOST>$
31 +failregex = ^%(__prefix_line)sEmpty username from <HOST>$
32 + ^%(__prefix_line)sAuthentication failure for .* from <HOST>$
33 ^%(__prefix_line)sXML-RPC authentication failure from <HOST>$
34 + ^%(__prefix_line)sREST authentication failure for .* from <HOST>$
35 + ^%(__prefix_line)sXML-RPC authentication failure for .* from <HOST>$
36
37 # Option: ignoreregex
38 # Notes.: regex to ignore. If this regex matches, the line is ignored.
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed