Added fail2ban, though not sure its configured correctly yet

docker/rootfs/fail2ban/jail.d/airsonic-auth.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for airsonic
+# Works OOTB with defaults
+
+[airsonic-auth]
+
+enabled = false
+port    = 4040
+logpath = %(remote_logs_path)s/airsonic/airsonic.log

docker/rootfs/fail2ban/jail.d/apache-auth.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-auth
+
+[apache-auth]
+
+enabled = false
+port    = http,https
+logpath = %(apache_error_log)s

docker/rootfs/fail2ban/jail.d/apache-badbots.conf

@@ -0,0 +1,13 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-badbots
+
+# Ban hosts which agent identifies spammer robots crawling the web
+# for email addresses. The mail outputs are buffered.
+
+[apache-badbots]
+
+enabled     = false
+port        = http,https
+logpath     = %(apache_access_log)s
+bantime     = 48h
+maxretry    = 1

docker/rootfs/fail2ban/jail.d/apache-botsearch.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-botsearch
+
+[apache-botsearch]
+
+enabled     = false
+port        = http,https
+logpath     = %(apache_error_log)s
+maxretry    = 2

docker/rootfs/fail2ban/jail.d/apache-fakegooglebot.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-fakegooglebot
+
+[apache-fakegooglebot]
+
+enabled         = false
+port            = http,https
+logpath         = %(apache_access_log)s
+maxretry        = 1

docker/rootfs/fail2ban/jail.d/apache-modsecurity.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-modsecurity
+
+[apache-modsecurity]
+
+enabled     = false
+port        = http,https
+logpath     = %(apache_error_log)s
+maxretry    = 2

docker/rootfs/fail2ban/jail.d/apache-nohome.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-nohome
+
+[apache-nohome]
+
+enabled     = false
+port        = http,https
+logpath     = %(apache_error_log)s
+maxretry    = 2

docker/rootfs/fail2ban/jail.d/apache-noscript.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-noscript
+
+[apache-noscript]
+
+enabled = false
+port    = http,https
+logpath = %(apache_error_log)s

docker/rootfs/fail2ban/jail.d/apache-overflows.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-overflows
+
+[apache-overflows]
+
+enabled     = false
+port        = http,https
+logpath     = %(apache_error_log)s
+maxretry    = 2

docker/rootfs/fail2ban/jail.d/apache-shellshock.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for apache-shellshock
+
+[apache-shellshock]
+
+enabled     = false
+port        = http,https
+logpath     = %(apache_error_log)s
+maxretry    = 1

docker/rootfs/fail2ban/jail.d/authelia-auth.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for authelia
+# Works OOTB with defaults
+
+[authelia-auth]
+
+enabled  = false
+port     = http,https,9091
+logpath  = %(remote_logs_path)s/authelia/authelia.log

docker/rootfs/fail2ban/jail.d/bitwarden.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for bitwarden
+
+[bitwarden]
+
+enabled = false
+port    = http,https
+logpath = %(bitwarden_log)s

docker/rootfs/fail2ban/jail.d/dropbear.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for dropbear
+
+[dropbear]
+
+enable  = false
+port    = ssh
+logpath = %(dropbear_log)s
+backend = %(dropbear_backend)s

docker/rootfs/fail2ban/jail.d/emby-auth.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for emby
+# Works OOTB with defaults
+
+[emby-auth]
+
+enabled  = false
+port     = 8096,8920
+logpath  = %(remote_logs_path)s/emby/embyserver.txt

docker/rootfs/fail2ban/jail.d/filebrowser-auth.conf

@@ -0,0 +1,14 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for filebrowser
+# Requires modification to Filebrowsers settings
+# https://filebrowser.org/cli/filebrowser#options
+
+# Enabling logs
+
+# -e 'FB_LOG'='/log/filebrowser.log'
+
+[filebrowser-auth]
+
+enabled  = false
+port     = http,https
+logpath  = %(remote_logs_path)s/filebrowser/filebrowser.log

docker/rootfs/fail2ban/jail.d/gitea-auth.conf

@@ -0,0 +1,27 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for emby
+# Requires modification to Giteas settings
+# https://docs.gitea.io/en-us/fail2ban-setup/
+
+# Enabling, and depending on Giteas built in SSH server
+
+# [server]
+# [DISABLE_SSH      = false
+# [SSH_PORT         = 22
+# [SSH_LISTEN_PORT  = 822
+# [START_SSH_SERVER = true
+
+# Enabling logs
+
+# [log]
+# ROOT_PATH = /data/gitea/log
+# ENABLE_SSH_LOG = true
+# LEVEL     = Info
+# MODE      = file
+
+[gitea-auth]
+
+enabled  = false
+port     = http,https,822
+logpath  = %(remote_logs_path)s/gitea/gitea.log
+maxretry = 3

docker/rootfs/fail2ban/jail.d/gitlab.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for gitlab
+
+[gitlab]
+
+enabled = false
+port    = http,https
+logpath = %(logs_path)s/gitlab/gitlab-rails/application.log

docker/rootfs/fail2ban/jail.d/grafana.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for grafana
+
+[grafana]
+
+enabled = false
+port    = http,https
+logpath = %(logs_path)s/grafana/grafana.log

docker/rootfs/fail2ban/jail.d/guacamole.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for guacamole
+
+[guacamole]
+
+enabled = false
+port    = http,https
+logpath = %(logs_path)s/tomcat*/catalina.out
+# logpath = %(logs_path)s/guacamole.log

docker/rootfs/fail2ban/jail.d/haproxy-http-auth.conf

@@ -0,0 +1,12 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for haproxy-http-auth
+
+# HAProxy by default doesn't log to file you'll need to set it up to forward
+# logs to a syslog server which would then write them to disk.
+# See "haproxy-http-auth" filter for a brief cautionary note when setting
+
+[haproxy-http-auth]
+
+enabled = false
+port    = http,https
+logpath = %(logs_path)s/haproxy.log

docker/rootfs/fail2ban/jail.d/homeassistant-auth.conf

@@ -0,0 +1,17 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for homeassistant
+# Requires modification to Homeassitants settings
+# https://www.home-assistant.io/integrations/fail2ban/
+
+# Enabling logging
+
+# logger:
+#   logs:
+#     homeassistant.components.http.ban: warning
+
+[homeassistant-auth]
+
+enabled  = false
+port     = 8123
+logpath  = %(remote_logs_path)s/homeassistant/home-assistant.log
+maxretry = 2

docker/rootfs/fail2ban/jail.d/lighttpd-auth.conf

@@ -0,0 +1,11 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for lighttpd-auth
+
+# Same as Apache's mod_auth
+# It catches wrong authentifications
+
+[lighttpd-auth]
+
+enabled = false
+port    = http,https
+logpath = %(lighttpd_error_log)s

docker/rootfs/fail2ban/jail.d/nextcloud-auth.conf

@@ -0,0 +1,15 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nextcloud
+# Recommended modification to Nextcloud settings
+# https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/logging_configuration.html#file
+
+# Set the following in config.php
+
+# "log_type" => "file",
+# "logfile" => "/config/log/nextcloud/nextcloud.log",
+
+[nextcloud-auth]
+
+enabled  = false
+port     = http,https
+logpath  = %(remote_logs_path)s/nextcloud/nextcloud.log

docker/rootfs/fail2ban/jail.d/nginx-418.conf

@@ -0,0 +1,10 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nginx 418
+# Works OOTB with defaults
+
+[nginx-418]
+
+enabled  = false
+port     = http,https
+logpath  = %(nginx_access_log)s
+maxretry = 10

docker/rootfs/fail2ban/jail.d/nginx-bad-request.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nginx-bad-request
+
+[nginx-bad-request]
+
+enabled = false
+port    = http,https
+logpath = %(nginx_access_log)s

docker/rootfs/fail2ban/jail.d/nginx-badbots.conf

@@ -0,0 +1,11 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nginx badbots
+# Works OOTB with defaults
+
+[nginx-badbots]
+
+enabled  = false
+port     = http,https
+logpath  = %(nginx_access_log)s
+filter   = apache-badbots
+maxretry = 2

docker/rootfs/fail2ban/jail.d/nginx-botsearch.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nginx-botsearch
+
+[nginx-botsearch]
+
+enabled = false
+port    = http,https
+logpath = %(nginx_error_log)s

docker/rootfs/fail2ban/jail.d/nginx-deny.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nginx deny
+# Works OOTB with defaults
+
+[nginx-deny]
+
+enabled  = false
+port     = http,https
+logpath  = %(nginx_error_log)s

docker/rootfs/fail2ban/jail.d/nginx-http-auth.conf

@@ -0,0 +1,13 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nginx-http-auth
+
+# To use more aggressive http-auth modes set filter parameter "mode" in jail.local:
+# normal (default), aggressive (combines all), auth or fallback
+# See "tests/files/logs/nginx-http-auth" or "filter.d/nginx-http-auth.conf" for usage example and details.
+
+[nginx-http-auth]
+
+enabled = false
+port    = http,https
+logpath = %(nginx_error_log)s
+# mode    = normal

docker/rootfs/fail2ban/jail.d/nginx-limit-req.conf

@@ -0,0 +1,13 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nginx-limit-req
+
+# To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module`
+# and define `limit_req` and `limit_req_zone` as described in nginx documentation
+# http://nginx.org/en/docs/http/ngx_http_limit_req_module.html
+# or for example see in 'config/filter.d/nginx-limit-req.conf'
+
+[nginx-limit-req]
+
+enabled = false
+port    = http,https
+logpath = %(nginx_error_log)s

docker/rootfs/fail2ban/jail.d/nginx-unauthorized.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nginx unauthorized
+# Works OOTB with defaults
+
+[nginx-unauthorized]
+
+enabled  = false
+port     = http,https
+logpath  = %(nginx_access_log)s

docker/rootfs/fail2ban/jail.d/nzbget-auth.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for nzbget
+# Works OOTB with defaults
+
+[nzbget-auth]
+
+enabled  = false
+port     = 6789
+logpath  = %(remote_logs_path)s/nzbget/nzbget.log

docker/rootfs/fail2ban/jail.d/openhab-auth.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for openhab-auth
+
+[openhab-auth]
+
+enabled     = false
+logpath     = %(openhab_request_log)s
+filter      = openhab
+banaction   = %(banaction_allports)s

docker/rootfs/fail2ban/jail.d/overseerr-auth.conf

@@ -0,0 +1,12 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for overseerr
+# Requires modification to Overseerrs settings
+# https://docs.overseerr.dev/extending-overseerr/fail2ban
+
+# If you are running Overseerr behind a reverse proxy, make sure that the Enable Proxy Support setting is enabled.
+
+[overseerr-auth]
+
+enabled  = false
+port     = 5055
+logpath  = %(remote_logs_path)s/overseerr/overseerr.log

docker/rootfs/fail2ban/jail.d/php-url-fopen.conf

@@ -0,0 +1,13 @@
+## Version 2022/12/15
+# Fail2Ban jail configuration for php-url-fopen
+
+# Ban attackers that try to use PHP's URL-fopen() functionality
+# through GET/POST variables. - Experimental, with more than a year
+# of usage in production environments.
+
+[php-url-fopen]
+
+enabled = false
+port    = http,https
+logpath = %(nginx_access_log)s
+          %(apache_access_log)s

docker/rootfs/fail2ban/jail.d/phpmyadmin-syslog.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for phpmyadmin-syslog
+
+[phpmyadmin-syslog]
+
+enabled = false
+port    = http,https
+logpath = %(syslog_authpriv)s
+backend = %(syslog_backend)s

docker/rootfs/fail2ban/jail.d/prowlarr-auth.conf

@@ -0,0 +1,10 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for prowlarr
+# Works OOTB with defaults
+
+[prowlarr-auth]
+
+enabled  = false
+port     = 9696
+logpath  = %(remote_logs_path)s/prowlarr/prowlarr.txt
+filter   = servarr-auth

docker/rootfs/fail2ban/jail.d/radarr-auth.conf

@@ -0,0 +1,10 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for radarr
+# Works OOTB with defaults
+
+[radarr-auth]
+
+enabled  = false
+port     = 7878
+logpath  = %(remote_logs_path)s/radarr/radarr.txt
+filter   = servarr-auth

docker/rootfs/fail2ban/jail.d/sabnzbd-auth.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for sabnzbd
+# Works OOTB with defaults
+
+[sabnzbd-auth]
+
+enabled  = false
+port     = 8080
+logpath  = %(remote_logs_path)s/sabnzbd/sabnzbd.log

docker/rootfs/fail2ban/jail.d/selinux-ssh.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for selinux-ssh
+
+[selinux-ssh]
+
+enable  = false
+port     = ssh
+logpath  = %(auditd_log)s

docker/rootfs/fail2ban/jail.d/sonarr-auth.conf

@@ -0,0 +1,10 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for sonarr
+# Works OOTB with defaults
+
+[sonarr-auth]
+
+enabled  = false
+port     = 8989
+logpath  = %(remote_logs_path)s/sonarr/sonarr.txt
+filter   = servarr-auth

docker/rootfs/fail2ban/jail.d/sshd.conf

@@ -0,0 +1,13 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for sshd
+
+[sshd]
+
+# To use more aggressive sshd modes set filter parameter "mode" in jail.local:
+# normal (default), ddos, extra or aggressive (combines all).
+# See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.
+#mode   = normal
+enabled  = false
+port    = ssh
+logpath = %(sshd_log)s
+backend = %(sshd_backend)s

docker/rootfs/fail2ban/jail.d/suhosin.conf

@@ -0,0 +1,8 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for suhosin
+
+[suhosin]
+
+enabled = false
+port    = http,https
+logpath = %(suhosin_log)s

docker/rootfs/fail2ban/jail.d/traefik-auth.conf

@@ -0,0 +1,11 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for traefik-auth
+
+# to use 'traefik-auth' filter you have to configure your Traefik instance,
+# see `filter.d/traefik-auth.conf` for details and service example.
+
+[traefik-auth]
+
+enabled = false
+port    = http,https
+logpath = %(logs_path)s/traefik/access.log

docker/rootfs/fail2ban/jail.d/unifi-controller-auth.conf

@@ -0,0 +1,9 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for unifi controller
+# Works OOTB with defaults
+
+[unifi-controller-auth]
+
+enabled  = false
+port     = 8080,8443
+logpath  = %(remote_logs_path)s/unificontroller/server.log

docker/rootfs/fail2ban/jail.d/unraid-sshd.conf

@@ -0,0 +1,12 @@
+## Version 2022/08/07
+# Fail2Ban jail configuration for unRAID sshd
+# Works OOTB with defaults
+
+# chain set to INPUT to apply bans at the host level
+
+[unraid-sshd]
+
+enabled  = false
+port     = ssh
+logpath  = %(var_log_path)s/syslog
+filter   = sshd[mode=aggressive]

docker/rootfs/fail2ban/jail.d/unraid-webgui.conf

@@ -0,0 +1,11 @@
+## Version 2022/08/07
+# Fail2Ban jail configuration for unRAID web GUI
+# Works OOTB with defaults
+
+# chain set to INPUT to apply bans at the host level
+
+[unraid-webgui]
+
+enabled  = false
+port     = http,https
+logpath  = %(var_log_path)s/syslog

docker/rootfs/fail2ban/jail.d/vaultwarden-auth.conf

@@ -0,0 +1,14 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for vaultwarden
+# Requires modification to Vaultwardens settings
+# https://github.com/dani-garcia/vaultwarden/wiki/Logging#logging-to-a-file
+
+# Specify the path to the log file with the LOG_FILE environment variable
+
+# -e LOG_FILE=/data/vaultwarden.log
+
+[vaultwarden-auth]
+
+enabled  = false
+port     = http,https
+logpath  = %(remote_logs_path)s/vaultwarden/vaultwarden.log

docker/rootfs/fail2ban/jail.d/znc-adminlog.conf

@@ -0,0 +1,10 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for
+
+# enable adminlog; it will log to a file inside znc's directory by default.
+
+[znc-adminlog]
+
+enabled  = false
+port     = 6667
+logpath  = %(znc_log)s

docker/rootfs/fail2ban/jail.d/zoneminder.conf

@@ -0,0 +1,11 @@
+## Version 2022/08/06
+# Fail2Ban jail configuration for zoneminder
+
+# Zoneminder HTTP/HTTPS web interface auth
+# Logs auth failures to apache2 error log
+
+[zoneminder]
+
+enabled = false
+port    = http,https
+logpath = %(apache_error_log)s