基本上现在我们的服务器设置得有点过于安全,fail2ban禁止刚刚浏览网站的用户,即使只有一个丢失的图像。
我需要禁用以下哪项apache设置才能阻止这种情况的发生:
[apache] enabled = true port = http,https filter = apache-auth action = iptables[name=httpd, port=http, protocol=tcp] sendmail-whois[name=httpd, dest="%(destemail)s", [email protected]] logpath = /var/log/apache*/*error.log maxretry = 3 [apache-ssl] enabled = true port = http,https filter = apache-auth action = iptables[name=httpd, port=https, protocol=tcp] sendmail-whois[name=httpd, dest="%(destemail)s", [email protected]] logpath = /var/log/apache*/*error.log maxretry = 3 [apache-multiport] enabled = true port = http,https filter = apache-auth action = iptables[name=httpd, port=http, protocol=tcp] logpath = /var/log/apache*/*error.log maxretry = 3 [apache-noscript] enabled = true port = http,https filter = apache-noscript action = iptables[name=httpd, port=http, protocol=tcp] sendmail-whois[name=httpd, dest="%(destemail)s", [email protected]] logpath = /var/log/apache*/*error.log maxretry = 20 bantime = 300 #5mins [apache-noscript-ssl] enabled = true port = http,https filter = apache-noscript action = iptables[name=httpd, port=https, protocol=tcp] sendmail-whois[name=httpd, dest="%(destemail)s", [email protected]] logpath = /var/log/apache*/*error.log maxretry = 20 bantime = 300 #5mins [apache-overflows] enabled = true port = http,https filter = apache-overflows action = iptables[name=httpd, port=http, protocol=tcp] sendmail-whois[name=httpd, dest="%(destemail)s", [email protected]] logpath = /var/log/apache*/*error.log maxretry = 3 [apache-overflows-ssl] enabled = true port = http,https filter = apache-overflows action = iptables[name=httpd, port=https, protocol=tcp] sendmail-whois[name=httpd, dest="%(destemail)s", [email protected]] logpath = /var/log/apache*/*error.log maxretry = 3 查看fail2ban日志,了解禁止用户的原因。