Commit 486290

2026-01-20 11:20:14 theophile: codeblock correct lang syntax highlighting, and improved sencence
server/fail2ban.md ..
@@ 54,7 54,7 @@
#### Default
- ``` toml
+ ```ini
# "bantime" is the number of seconds that a host is banned.
bantime = 7800m
@@ 77,7 77,7 @@
#### sshd
- ``` toml
+ ```ini
[sshd]
enabled = true
port = 53684
@@ 143,7 143,7 @@
- Add the `/etc/fail2ban/filter.d/bad-auth-bots.conf`
- ``` toml
+ ``` ini
[Definition]
failregex = ^s?S+ mailu-front[d+]: S+ S+ [info] d+#d+: *d+ client login failed: "AUTH not supported" while in http auth state, client: <HOST>, server:
ignoreregex =
@@ 151,7 151,7 @@
```
- Add the `/etc/fail2ban/jail.d/bad-auth-bots.conf`
- ```toml
+ ```ini
[bad-auth-bots]
enabled = true
backend = systemd
@@ 173,7 173,7 @@
See ipset homepage for details on ipset, <https://ipset.netfilter.org/>.
- ```toml
+ ```ini
[Definition]
actionstart = ipset --create f2b-bad-auth-bots nethash
@@ 203,7 203,7 @@
Add the override and save the file.
- ``` toml
+ ``` ini
[Unit]
After=docker.service
```
@@ 232,7 232,7 @@
## Whitelist (to avoid ban in the first place)
- Edit the `/etc/fail2ban/jail.local` `ignore_ip` field. Append at the end of the line your routers IP adress.
+ Edit the `/etc/fail2ban/jail.local` `ignore_ip` field, by appending at the end of the line your routers IP adress.
Then restart the fail2ban service:
```bash
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9