What jails in fail2ban is safe to use?

Calby · July 3, 2017, 8:07am

Hi,
I’m currently running Nextcloud 12 on my Ubuntu server 16.04 machine in Hyper-V VM.
I’m thinking of setting up fail2ban - I already have the Nextcloud jail.

But is the following filters safe to use or 'll it interrupt something in NextCloud?
I’m thinking of the nohome and the script filter, but the rest maybe also interrupting something?

apache-auth
apache-overflows
apache-badbots
apache-nohom
apache-pass
apache-botsearch
apache-common
apache-fakegooglebot
apache-modsecurity
apache-noscript
apache-shellshock
php-url-fopen

DByte · July 3, 2017, 8:14am

I’m running with these Apache2 jails in the same set-up as yours, NC12 on Ubuntu Server 16.04:
apache-auth
apache-badbots
apache-botsearch
apache-fakegooglebot
apache-nohome
apache-noscript
apache-overflows
apache-shellshock

I am not experiencing any adverse effects related to these jails.

Calby · July 3, 2017, 8:24am

what logs are you scanning on the quoted ones? The /var/log/apache2/access.log or the /var/log/apache2/error.log one?

DByte · July 3, 2017, 9:34am

I let fail2ban monitor the error.log for the particular vhost.

Calby · July 3, 2017, 6:08pm

Ok, thanks.
I’ll use this jails also, my guess is we are pretty safe with it.
I also have the Nextcloud jail.