由于我和我的房东陷入了僵局,我想寻求一些帮助。我正在努力弄清楚这些事情,但不知道该怎么做。
我有一个 VPS 帐户,并为客户托管了几个 WP 网站。服务器信息:Nginx(1.17.0) –阿帕奇(2.4.39)CentOS 7.6。
最近读到关于 fail2ban 的优点后,我决定尝试一下(即带有 WP 插件的 f2b)。我要求托管公司安装 f2b,几天前他们就安装了。不幸的是,我根本无法让它起步,而且除非我给他们一些钱,否则他们不愿意提供帮助。
他们安装了 v0.9.7,尽管目前的版本似乎0.10.4. 遵循以下指南和文档的说明:
-https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7
-https://www.howtoforge.com/tutorial/how-to-install-fail2ban-on-centos/
-https://docs.wp-fail2ban.com/en/4.2/introduction.html
我安装了插件,并执行以下操作:
证实/wp-content/plugins/wp-fail2ban/filters.d/包含wordpress-hard.conf、wordpress-soft.conf 和 wordpress-extra.conf(如文档所列)
sudo systemctl enable fail2ban
= 没有错误我创建了监狱.本地文件并将以下代码放入其中:
[DEFAULT]
## ban hosts for one hour:
bantime = 3600
## override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd]
enabled = true
[wordpress-hard]
enabled = true
filter = wordpress-hard
logpath = /var/log/auth.log
maxretry = 1
port = http,https
[wordpress-soft]
enabled = true
filter = wordpress-soft
logpath = /var/log/auth.log
maxretry = 3
port = http,https
– exited nano and saved
sudo systemctl restart fail2ban
导致以下结果:
Job for fail2ban.service failed because the control process exited with error code. See “systemctl status fail2ban.service” and “journalctl -xe” for details.
systemctl status fail2ban.service
导致:
fail2ban.service – Fail2Ban Service Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Mon 2019-08-05 14:52:20 EDT; 1min 4s ago Docs: man:fail2ban(1)
Process: 12326 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
Main PID: 9099 (code=exited, status=0/SUCCESS)
sudo fail2ban-client status
导致:
ERROR Failed to access socket path: /var/run/fail2ban/fail2ban.sock. Is fail2ban running?
看到上述内容后,我寻找/var/run/fail2ban/fail2ban.sock。文件丢失/不存在/不存在。
journalctl -u fail2ban.service
结果是:
fail2ban-client[10992]: ERROR Errors in jail ‘wordpress-hard’. Skipping…
fail2ban-client[10992]: ERROR Found no accessible config files for ‘filter.d/wo
fail2ban-client[10992]: ERROR No section: ‘Definition’
fail2ban-client[10992]: ERROR No section: ‘Definition’
fail2ban-client[10992]: ERROR Unable to read the filter
这就是我的情况。我做错了什么吗?他们做错了什么吗?如何解决?谢谢,抱歉写得太长了。
答案1
您忘记将 conf 复制到/etc/fail2ban/filter.d/
例如
sudo cp /var/www/html/wp-content/plugins/wp-fail2ban/filters.d/wordpress-hard.conf /etc/fail2ban/filter.d/
另外不要忘记将 wordpress-soft.conf 复制到 filters.d 目录中