mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-24 02:11:27 +01:00
29 lines
676 B
Plaintext
29 lines
676 B
Plaintext
#
|
|
# Examle of rule you can add to fail2ban to restrict bruteforce attacks.
|
|
#
|
|
|
|
[web-dol-passforgotten]
|
|
|
|
; rule against call of passwordforgottenpage
|
|
enabled = true
|
|
port = http,https
|
|
filter = web-dolibarr-rulespassforgotten
|
|
logpath = >> /mypath/documents/documents/dolibarr.log
|
|
action = %(action_mw)s
|
|
bantime = 4320000 ; 50 days
|
|
findtime = 86400 ; 1 day
|
|
maxretry = 10
|
|
|
|
[web-dol-bruteforce]
|
|
|
|
; rule against bruteforce hacking (login + api)
|
|
enabled = true
|
|
port = http,https
|
|
filter = web-dolibarr-rulesbruteforce
|
|
logpath = >> /mypath/documents/documents/dolibarr.log
|
|
action = %(action_mw)s
|
|
bantime = 86400 ; 1 day
|
|
findtime = 3600 ; 1 hour
|
|
maxretry = 10
|
|
|