HEX
Server: Apache
System: Linux u11 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: ry040200 (1273)
PHP: 7.2.34
Disabled: passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,popen,show_source,shell_exec,exec,virtual,proc_get_status,proc_terminate,system,syslog,mail
$ pwd: /etc/fail2ban/filter.d/
Upload Files
File: //etc/fail2ban/filter.d/vsftpd.conf
# Fail2Ban filter for vsftp
#
# Configure VSFTP for "dual_log_enable=YES", and have fail2ban watch
# /var/log/vsftpd.log instead of /var/log/secure. vsftpd.log file shows the
# incoming ip address rather than domain names.

[INCLUDES]

before = common.conf

[Definition]

__pam_re=\(?%(__pam_auth)s(?:\(\S+\))?\)?:?
_daemon =  vsftpd

failregex = ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=(ftp)? ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
            ^ \[pid \d+\] \[[^\]]+\] FAIL LOGIN: Client "<HOST>"(?:\s*$|,)
            ^.*\[pid \d+\] \[.*\] FTP response: Client "<HOST>", "530 Permission denied\."


ignoreregex = 

# Author: Cyril Jaquier
# Documentation from fail2ban wiki
@ Telegram