Sep 3 2010

Roundcube i bruteforce

Instalujemy RoundCube Fail2Ban Plugin.

Wchodzimy do katalogu z roundube.

W config/main.inc.php zmieniamy/dodajemy wpisy:

$rcmail_config[‘log_driver’] = ‘file’;
$rcmail_config[‘syslog_id’] = ’roundcube’;

Logi będą powstawały w podkatalogu logs roundcube (apache musi mieć do niego prawa zapisu).

Tworzymy plik: /etc/fail2ban/filter.d/roundcube.conf :

[Definition]
failregex = FAILED login for .*. from <HOST>
ignoreregex =

Dodajemy wpis do /etc/fail2ban/jail.conf

[roundcube]
enabled = true
port = http,https
filter = roundcube
action = iptables-multiport[name=roundcube, port=”http,https”]
sendmail-whois[name=Roundcube, dest=root]
logpath = /var/log/httpd/roundcube/userlogins
maxretry = 5
bantime = 1800

RoundCube Fail2Ban Plugin na naszym serwerze

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.