Hier werden die Unterschiede zwischen zwei Versionen gezeigt.
Beide Seiten, vorherige Überarbeitung Vorherige Überarbeitung Nächste Überarbeitung | Vorherige Überarbeitung | ||
lpi2:fail2ban [2018/02/02 10:25] ingo_wichmann |
lpi2:fail2ban [2018/02/02 11:16] (aktuell) ingo_wichmann [Apache Basic Auth] |
||
---|---|---|---|
Zeile 20: | Zeile 20: | ||
fail2ban-client status | fail2ban-client status | ||
fail2ban-client status sshd | fail2ban-client status sshd | ||
+ | |||
+ | ====== Apache Basic Auth ====== | ||
+ | Pakete: apache2 fail2ban (Debian 9) | ||
+ | |||
+ | mkdir -p /srv/www/fail2ban | ||
+ | htpasswd -c /srv/www/htpasswd_fail2ban heinz | ||
+ | |||
+ | <file txt /etc/apache2/conf-available/fail2ban-apache-auth-test.conf> | ||
+ | <directory /srv/www/fail2ban> | ||
+ | AllowOverride AuthConfig | ||
+ | AuthType Basic | ||
+ | AuthName "Bitte Username und Passwort" | ||
+ | AuthBasicProvider file | ||
+ | AuthUserFile /srv/www/htpasswd_fail2ban | ||
+ | Require valid-user | ||
+ | </directory> | ||
+ | </file> | ||
+ | |||
+ | <file html /srv/www/fail2ban/index.html> | ||
+ | <html> | ||
+ | <head> | ||
+ | <title>Hello fail2ban!</title> | ||
+ | </head> | ||
+ | <body> | ||
+ | Hello fail2ban | ||
+ | </body> | ||
+ | </html> | ||
+ | </file> | ||
+ | |||
+ | Zugriff lokal testen: | ||
+ | wget --user heinz --password xxx -nv -O - http://127.0.0.1/fail2ban-test/index.html | ||
+ | |||
+ | <file txt /etc/fail2ban/jail.local> | ||
+ | [apache-auth] | ||
+ | enabled = true | ||
+ | </file> | ||
+ | |||
+ | fail2ban-client reload | ||
+ | fail2ban-client status | ||
+ | fail2ban-client status apache-auth | ||
+ | |||
+ | Von einem anderen Rechner aus: | ||
+ | ab -n 10 -A heinz:nono http://192.168.212.11/fail2ban-test/index.html | ||
+ | |||
+ | less /var/log/fail2ban.log | ||