You maybe interested in configservers CSF and CSX for interworx. CSF is free (Kudos to configservers) but CSX does cost a little. However, very much worth the cost and both work lovely. We use it on our production servers and it saves so much time.
Much appreciated! I’ve never been able to get a variety of Qmail filters to work so it’s good to know about yours. I’m not a fan of Fail2ban but sometimes I’ll use it anyway.
The 0.11 branch of Fail2ban from EPEL comes with lots of preset filters that include services you mentioned. sshd always works where as others may need tweaking. Most Apache jails should work straight away if log paths are right.
Fail2ban has been on my todo-list for so long, this is a great incentive to do it. Thanks for posting your rules, marco114.
John, CSF sounds great too. They are writing “UI Integration for InterWorx” in the description, is that true resp. how does this work?
Does it come with pre-configured rules? Or is securing everything basically the same work as with fail2ban, but with a GUI?
Many thanks. CSF works lovely and has a gui (for most settings) so is easy to configure. There is an awful lot of options though, ports UDP/TCP, IPv4 IPv6 email, interworx, FTP SSH etc failures, maxmind I think is an option as well as country banning etc… DDOS and lots more. There are defaults but you can tweek them as needed and there are a few members using CSF/LFD. Install is a breeze and you can even allow resellers to unblock IP addresses so your not bothered by requests
If your not sure, let me know and I’ll send a 1 User licence to test or as we did first, tested using one of our DNS servers using 1 user licence
There is also CSX, which replaces maldet and has a GUI, works very very well and even deletes files before been able to activate (tested using iecar test files. Well worth the money
If you want to look at one of servers, just let me know and we give you access to a new server nearing production status with CSF and CSX installed