Skip to content

Instantly share code, notes, and snippets.

View hannesbe's full-sized avatar
🏠
Working from home

Hannes Van de Vel hannesbe

🏠
Working from home
View GitHub Profile
@hannesbe
hannesbe / fail2ban-apache-wp-jail-install.sh
Last active January 12, 2016 14:23
Install script for a fail2ban configuration to ban brute force attacks on all Wordpress sites on Apache (Plesk supported) server-wide
#!/bin/sh
#
# Shell script to configure fail2ban to ban
# brute force attacks on all Wordpress sites server-wide
# If fail2ban is not yet installed, it will be installed and configured first.
# Apache logfiles are monitored for attacks. If you're on Plesk all vhosts' logs
# are monitored as well. Plesk's integration with fail2ban is only available on Plesk 12+.
# This configuration should work for any Apache or Plesk setup, as long as access logs are available.
# CentOS/EL7+ required.
#
@hannesbe
hannesbe / fail2ban-firewalld-install.sh
Last active January 12, 2016 15:34
Install script fail2ban with action to firewalld | CentOS/EL 7
#!/bin/sh
#
# Shell script to install & configure fail2ban with firewalld actions
# Just one command to install & configure in a few seconds.
# CentOS/EL7+ required.
#
# Run this command to execute the script in one go
# curl -sSL https://gist.github.com/hannesbe/719c03d85134f8e9df5c/raw/fail2ban-firewalld-install.sh | bash -s
#
set -e
@hannesbe
hannesbe / csf.conf
Last active January 12, 2016 16:10
fail2ban action config for csf deny / unblock IP
# fail2ban action config for csf deny / unblock IP
# /etc/fail2ban/action.d/csf.conf
[Definition]
actionstart =
actionstop =
actioncheck =
# to deny an IP and add to /etc/csf/csf.deny
actionban = csf -d <ip> added by fail2ban for <name>
@hannesbe
hannesbe / apache-wp.conf
Last active January 14, 2016 00:39
fail2ban Apache jail for WordPress failed logins / brute force attacks
# fail2ban Apache jail for WordPress failed logins / brute force attacks
# Location in CentOS/EL7 : /etc/fail2ban/jail.d/apache-wp.conf
# 86400 = 24h, 21600 = 6h, 3600 = 1h
[apache-wp-xmlrpc]
enabled = false
filter = apache-wp-xmlrpc
port = http,https
logpath = /var/www/vhosts/*/logs/*access*log
/var/log/httpd/*access*_log
@hannesbe
hannesbe / fail2ban-allstatus.sh
Created January 14, 2016 01:33 — forked from kamermans/fail2ban-allstatus.sh
Show status of all fail2ban jails at once
#!/bin/bash
JAILS=`fail2ban-client status | grep "Jail list" | sed -E 's/^[^:]+:[ \t]+//' | sed 's/,//g'`
for JAIL in $JAILS
do
fail2ban-client status $JAIL
done
@hannesbe
hannesbe / jail.local
Last active January 25, 2016 06:23
fail2ban jail.local to enable sshd jailn & additions for specific jails
# fail2ban local jail config
# /etc/fail2ban/jail.local
# jail.conf should not be modified, put overrides to jail.conf in jail.local
# enable sshd jail
[sshd]
enabled = true
# enable recidive jail to permanently ban recidives
[recidive]
@hannesbe
hannesbe / mage-centos-fix-TLS-error.sh
Created January 25, 2016 21:35
Quick & dirty fix for the "Unknown cipher in list: TLSv1" error in Magento 1.9.2 on CentOS. Run from Magento directory.
#!/bin/bash
sed -i '377s#.*#// $this->curlOption(CURLOPT_SSL_CIPHER_LIST, ''TLSv1'');#' downloader/lib/Mage/HTTP/Client/Curl.php
@hannesbe
hannesbe / dotfiles-bootstrap.sh
Last active November 5, 2016 23:20
Launch dotfiles bootstrapper. Installs repo & deps. Then launches actual installer & changes shell.
#!/usr/bin/env bash
curl -sSL https://raw.githubusercontent.com/Connexeon/dotfiles/master/bootstrap | bash -s
@hannesbe
hannesbe / pdns-mysql-update-snippets.sql
Last active April 8, 2017 02:37
SQL snippets to bulk update records & soa
/* Update SOA records for zones having a certain IP in the content */
UPDATE records
SET `content` = 'ns1.connexeon.com. domains.connexeon.com. 2017040701 1200 400 1209600 300'
WHERE `id` IN
(SELECT `id`
FROM records_copy
WHERE `type`='SOA'
AND `domain_id` IN
(SELECT DISTINCT `domain_id`
FROM records_copy
@hannesbe
hannesbe / connexeon-zendesk-url-builder-config.json
Created May 16, 2017 23:54
JSON config for Connexeon Zendesk URL builder app to generate some useful sidebar links based on ticket, user or organization fields
[
{
"title": "Remote Control {{ticket.requester.firstname}}",
"url": "{{ticket.requester.user_fields.remote_session_link}}"
},
{
"title": "{{ ticket.organization.name }} in Omega",
"url": "http://xtranet.connexeon.com/CRM/Account.aspx?Id={{ticket.organization.organization_fields.omega_account_id}}"
},
{