Skip to content

Fail2Ban-Report-Swag #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: latest
Choose a base branch
from
Open

Fail2Ban-Report-Swag #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
21a60da
Added Fail2Ban-Report-Swag
Jandalslap Oct 11, 2025
b0a4a03
Update unblock-ip.php
Jandalslap Oct 11, 2025
fd25d05
Added homepage widget folder
Jandalslap Oct 11, 2025
92f00fa
Update docker-compose.yml
Jandalslap Oct 11, 2025
9249ed5
Update README.md
Jandalslap Oct 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions Fail2Ban-Report-Swag/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
FROM php:8.2-apache

# Enable mod_rewrite + install cron + jq + ufw + bash
RUN a2enmod rewrite \
&& apt-get update \
&& apt-get install -y nano cron jq ufw bash \
&& rm -rf /var/lib/apt/lists/*

WORKDIR /var/www/html
COPY ./Fail2Ban-Report/ /var/www/html/Fail2Ban-Report/

# Ensure permissions for archive directory
RUN chown -R www-data:www-data /var/www/html/Fail2Ban-Report/archive || true

# Create cron file
RUN echo "*/5 * * * * root /opt/Fail2Ban-Report/fail2ban_log2json.sh >/dev/null 2>&1" > /etc/cron.d/fail2ban-report \
&& echo "*/5 * * * * root /opt/Fail2Ban-Report/firewall-update.sh >/dev/null 2>&1" >> /etc/cron.d/fail2ban-report \
&& chmod 0644 /etc/cron.d/fail2ban-report

# Expose ports
EXPOSE 5000
EXPOSE 5001

# Start cron in background, then Apache
CMD service cron start && apache2-foreground

100 changes: 100 additions & 0 deletions Fail2Ban-Report-Swag/Fail2Ban-Report/.htaccess
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,100 @@
# ----------------------------------------------------
# Fail2Ban-Report Docker
# ----------------------------------------------------

# Do not modify up here !

# ----------------------------------------------------
# Disable directory listing
# ----------------------------------------------------
Options -Indexes

# ----------------------------------------------------
# Block direct access to sensitive file types
# ----------------------------------------------------
<FilesMatch "\.(sh|ini|log|json)$">
Require all denied
</FilesMatch>

# ----------------------------------------------------
# Protect the .htaccess file itself
# ----------------------------------------------------
<Files .htaccess>
Require all denied
</Files>

# ----------------------------------------------------
# Protect archive/
# ----------------------------------------------------
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^archive/ - [F,L]
</IfModule>


# ----------------------------------------------------
# Set UTF-8 as default charset and RewriteEngine on
# ----------------------------------------------------
AddDefaultCharset utf-8
RewriteEngine On

##########################################################
##########################################################
##########################################################

# ----------------------------------------------------
# Set your own Rules to fit your needs down here
# Example for additonal configuration
# ----------------------------------------------------

# This is mandatory for a save setup!
# Never expose this to the internet without https and restrictions (auth / ip)

# ----------------------------------------------------
# BASIC HTTPS HEADERS
# ----------------------------------------------------

# Redirect to HTTPS (also works behind reverse proxies using X-Forwarded-Proto)
# If HTTPS is not on AND X-Forwarded-Proto is not https, redirect to https URL

#RewriteCond %{HTTPS} !=on
#RewriteCond %{HTTP:X-Forwarded-Proto} !https
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Set environment variable HTTPS=1 if X-Forwarded-Proto is https (for header conditions)
#SetEnvIf X-Forwarded-Proto https HTTPS=1

# Security headers (set only when HTTPS is active)
<IfModule mod_headers.c>
# Header always set X-Content-Type-Options "nosniff"
# Header always set X-Frame-Options "SAMEORIGIN"
# Header always set X-XSS-Protection "1; mode=block"
# Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS
</IfModule>

# ----------------------------------------------------
# Set Basic Auth
# ----------------------------------------------------
# Enable Basic Authentication (uncomment and configure if needed)
#AuthType Basic
#AuthName "Restricted Area"
#AuthUserFile /var/www/.htpasswd
#Require valid-user


# Restrict access by IP address (adjust IP ranges accordingly)
# If you want to restrict access by IP addresses only, you can use RequireAny instead of RequireAll
# <RequireAll>
# Require valid-user
# Require ip 192.168.1.1 # Single IP (recommended)
# Require ip 192.168.1.0/24 # Network-Range
# </RequireAll>

# Block access to backup files (optional)
# <FilesMatch "\.(bak|old|backup)$">
# Require all denied
# </FilesMatch>

# Add your own security headers or overrides below
# Header always set Referrer-Policy "no-referrer-when-downgrade"
# Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline';"
Binary file added Fail2Ban-Report-Swag/Fail2Ban-Report/assets/css/faviconx32.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading