nsinnovations/fusionpbx-install.sh
Public Access
2
0
Fork 0
forked from norman/fusionpbx-install.sh-github-mirror
Code Pull Requests Activity
1,018 Commits 4 Branches 1 Tag
009702bd12220dc3843547883e1cd7a65f4c26aa
Commit Graph

62 Commits

Author SHA1 Message Date
danry25
009702bd12 Changed Fail2ban settings, updated Readme (#191) 
* Made fail2ban settings more consistent across OSes, disabled HTTP ratelimit permaban on Debian as auto-refresh behaviour in FusionPBX can trigger it.

* Increase nginx-404 ban back to 1 hour
 2018-10-11 12:22:35 -06:00
FusionPBX
b71b241aac Update jail.local 2018-08-11 15:22:30 -06:00
FusionPBX
0242ce3cc2 Update auth-challenge-ip.conf 2018-07-11 22:28:14 -06:00
FusionPBX
62a470dcc3 Update jail.local 2018-07-11 19:25:55 -06:00
FusionPBX
ea93d7dc5d Rename sip-auth-challenge-ip.conf to auth-challenge-ip.conf 2018-07-11 18:15:20 -06:00
FusionPBX
eb393b2ae1 Update jail.local 2018-07-11 18:14:57 -06:00
FusionPBX
7a5ff0f39c Update jail.local 2018-07-11 17:59:55 -06:00
FusionPBX
7cd0c465f2 Update jail.local 2018-07-11 17:48:14 -06:00
FusionPBX
a7a2cb0318 Update jail.local 2018-07-11 17:47:06 -06:00
FusionPBX
88a08226e2 Update jail.local 2018-07-11 17:43:07 -06:00
FusionPBX
fa1fa58127 Update jail.local 2018-07-11 17:35:22 -06:00
FusionPBX
868053c018 Update jail.local 2018-07-11 17:34:57 -06:00
FusionPBX
411af39f90 Create sip-auth-challenge-ip.conf 2018-07-11 17:17:19 -06:00
FusionPBX
6d5211ccfe Rename sip-auth_failure.conf to sip-auth-failure.conf 2018-05-02 15:04:00 -06:00
FusionPBX
1cf12bab2c Rename sip-auth_challenge.conf to sip-auth-challenge.conf 2018-05-02 15:03:42 -06:00
FusionPBX
86151d2661 Update jail.local 2018-05-02 15:02:40 -06:00
FusionPBX
a496aff23a Rename freeswitch-auth_challenge.conf to sip-auth_challenge.conf 2018-05-02 15:00:06 -06:00
FusionPBX
f9697e3df7 Rename freeswitch-auth_failure.conf to sip-auth_failure.conf 2018-05-02 14:59:48 -06:00
FusionPBX
371ca9f63f Update jail.local 2018-05-02 14:07:52 -06:00
FusionPBX
7ad7516c35 Update jail.local 2018-05-02 14:02:28 -06:00
FusionPBX
1389ff9066 Rename freeswitch-sip_auth_challenge.conf to freeswitch-auth_challenge.conf 2018-05-02 14:01:15 -06:00
FusionPBX
a231899789 Rename freeswitch-sip_auth_failure.conf to freeswitch-auth_failure.conf 2018-05-02 14:00:55 -06:00
FusionPBX
dc0ea82a05 Update jail.local 2018-05-02 13:26:22 -06:00
FusionPBX
03ff98bf8f Rename freeswitch-dos.conf to freeswitch-sip_auth_failure.conf 2018-05-02 13:19:27 -06:00
FusionPBX
c4c8e811d1 Create freeswitch-sip_auth_challenge.conf 2018-05-02 13:18:22 -06:00
FusionPBX
2d93a708e5 Update jail.local 2018-04-17 13:56:01 -06:00
FusionPBX
6e49545f15 Update jail.local 2018-01-20 20:11:13 -07:00
FusionPBX
ddd121c997 Rename freeswitch-404.conf to fusionpbx-404.conf 2018-01-20 20:06:44 -07:00
FusionPBX
1a95aeb331 Fail2ban - Fix the delimitter for the port range in jail.local. 2017-11-29 22:26:02 -07:00
FusionPBX
21512467a7 Update jail.local 2017-11-29 19:43:52 -07:00
FusionPBX
fe95015dc7 Update jail.local 2017-11-28 23:02:20 -07:00
FusionPBX
78875548ae Update jail.local 2017-11-28 22:52:03 -07:00
FusionPBX
37ecd268db Update jail.local 2017-10-09 11:33:17 -06:00
FusionPBX
609ae00d86 Rename fusionpbx-invalid-mac.conf to fusionpbx-mac.conf 2017-10-09 11:32:37 -06:00
FusionPBX
98e1afe8fe Update jail.local 2017-10-08 23:58:24 -06:00
FusionPBX
aa78b22568 Update jail.local 2017-10-08 23:49:05 -06:00
FusionPBX
f91c4d3fb6 Update jail.local 2017-10-08 23:24:23 -06:00
FusionPBX
f78137a767 Create fusionpbx-invalid-mac.conf 2017-10-08 22:43:19 -06:00
FusionPBX
b0d9c28ab4 Update jail.local 2017-10-08 22:31:50 -06:00
FusionPBX
d7273a3f5a Update jail.local 2017-10-08 22:29:31 -06:00
emaktech
a33131c8be Ban on auth failure instead of challenge (#113) 
Default fail2ban DoS ruleset looks for auth challenges, but auth challenges can be either successful or unsuccessful. Default rule causes problems with larger environments with many registered devices as they have many successful auth challenges with short registration periods.

By the time auth challenges can be made successfully in volume, it's far too late to be worrying about a DoS or brute force attempt - it's already too late. Rule change here will reduce false positives while still providing same level of useful protection.

Maybe also consider reducing maxretry count or increasing findtime in jail.local to catch true failed auth brute force or DoS attempts more easily in conjunction with above change.

This will be more sensitive in detection and should carry lower false positive rate.
 2017-09-02 09:09:07 -06:00
FusionPBX
db6815d315 Update jail.local 2017-06-06 23:15:08 -06:00
root
16451807dd update the file permissions 2017-03-05 06:11:42 +00:00
FusionPBX
e9a1ed3038 jail.local disable the ip ban by default 
I think this is stopping beginners. Easy to enable.
 2017-01-15 00:54:59 -07:00
FusionPBX
922677a65e Update jail.local 2016-11-25 22:00:58 -07:00
FusionPBX
2e042cf201 Rename freeswitch-inbound.conf to freeswitch-404.conf 2016-11-25 21:30:15 -07:00
FusionPBX
82efcb30d6 Update jail.local 2016-11-25 21:27:24 -07:00
FusionPBX
ce06e5d79c Update jail.local 2016-11-25 18:16:08 -07:00
FusionPBX
2d0357b1b4 Rename freeswitch-404.conf to freeswitch-inbound.conf 2016-11-25 18:13:49 -07:00
FusionPBX
cbe27f0e88 Create freeswitch-404.conf 
Fail2ban add inbound routes 404 not found
 2016-11-25 18:10:50 -07:00