Skip to content

Instantly share code, notes, and snippets.

@seyyah

seyyah/fail2ban_notifier.rb

Forked from etdsoft/fail2ban_notifier.rb
Created March 3, 2019 15:26
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save seyyah/789f554b57b623a790da6e050479136f to your computer and use it in GitHub Desktop.
Save seyyah/789f554b57b623a790da6e050479136f to your computer and use it in GitHub Desktop.
Download ZIP
Simple Fail2banNotifier for exception_notification (will submit a pull request and update gist when accepted). See: http://securityroots.com/blog/2014/01/protecting-app-rails-fail2ban/
Raw
fail2ban_notifier.rb
class Fail2banNotifier
def initialize(options)
@default_options = options
@default_options[:logfile] ||= Rails.root.join('log', 'fail2ban.log')
# Roll over every 30M, keep 10 files
@logger ||= Logger.new(@default_options[:logfile], 10, 30*1024*1024)
end
def call(exception, options={})
env = options[:env]
request = ActionDispatch::Request.new(env)
# <ip> : <exception class> : <method> <path> -- <params>
msg = "%s : %s : %s %s -- %s" % [
request.remote_ip,
exception.class,
request.request_method,
env["PATH_INFO"],
request.filtered_parameters.inspect
]
@logger.error(msg)
end
end
Raw
jail.local
# Custom Rails app jail. Add to /etc/fail2ban/jail.local
[rails-app]
enabled = true
port = http,https
filter = rails-app
logpath = /path/to/app/log/fail2ban.log
bantime = 3600
findtime = 600
maxretry = 10
Raw
rails-app.conf
# Custom Rails app filter. Place in /etc/fail2ban/filter.d/
[Definition]
failregex = : <HOST> :
ignoreregex =
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment