| Summary: | Fail2ban default config has incorrect logfile paths (apache logs) and defaults to sendmail actions | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | claire robinson <eeeemail> |
| Component: | RPM Packages | Assignee: | Remco Rijnders <remco> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | 3 | ||
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | fail2ban | CVE: | |
| Status comment: | |||
| Bug Depends on: | 11569 | ||
| Bug Blocks: | |||
|
Description
claire robinson
2013-06-25 16:42:36 CEST
/etc/fail2ban/jail.conf
Remco Rijnders
2014-03-20 13:31:47 CET
Status:
NEW =>
ASSIGNED Claire, I have updated the paths in jail.conf for our apache installation. Please note that I have not addressed the sendmail action, I believe failure of this part does not prevent fail2ban from operating and banning malicious hosts. Depends on:
(none) =>
11569 Thanks Remco, I'll get it tested today. Still wrong by the looks of it Remco. They point to /var/log/httpd/*error.log at the moment. The actual apache error logs are /var/log/httpd/error_log and error_log.1, error_log.2 etc after rotation. The setting should probably be more like /var/log/httpd/error_log* This was testing on Mageia 4 btw. Did you make the changes there too, just noticed the bug was against mga3. Checked mga3 too and it's the same. The sendmail action doesn't prevent it working but does leave errors in the journal. Not sure the best way to handle it, it may be to comment the sendmail actions as an example and just leave them logging. I'm validating the security update in bug 11569. Hi Claire, Updated versions (0.8.13-2) are in updates testing Closing this one now then, thanks Remco Status:
ASSIGNED =>
RESOLVED |