User contributions for Admin

16 December 2025

• 15:3115:31, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-lfi No edit summary
• 15:3115:31, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-kevins No edit summary
• 15:3015:30, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-dolibarr No edit summary
• 15:3015:30, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-dir-trav No edit summary
• 15:3015:30, 16 December 2025 diff hist +51 FAIL2BAN - Filter.d - http-ddos No edit summary
• 15:3015:30, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-crlf No edit summary
• 15:3015:30, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-command-inj No edit summary
• 15:2915:29, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-502-503 No edit summary
• 15:2915:29, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-404 No edit summary
• 15:2915:29, 16 December 2025 diff hist +53 FAIL2BAN - Filter.d - http-403 No edit summary
• 15:2815:28, 16 December 2025 diff hist +8 FAIL2BAN - Filter.d - http-401 No edit summary
• 15:2815:28, 16 December 2025 diff hist +45 FAIL2BAN - Filter.d - http-401 No edit summary
• 15:2115:21, 16 December 2025 diff hist +1,631 CLONEZILLA - Set up Clonezilla in GRUB on a Debian-based VPS No edit summary
• 14:5514:55, 16 December 2025 diff hist +4,456 N FAIL2BAN - Filter.d - http-nextcloud Created page with "Category:Wiki = Definition = <nowiki> [Definition] # /etc/fail2ban/filter.d/http-nextcloud.conf # Nextcloud-specific abuse patterns failregex = ^<HOST>.*( # Login related attacks (brute-forcing, password guessing, and login attempts) /index.php.*action=login.*| # Login attempts /index.php.*user.*| # User login page /index.php.*password.*| # Password reset or login-related parameters /index.php.*a..."
• 14:5414:54, 16 December 2025 diff hist +4,057 N FAIL2BAN - Filter.d - http-dolibarr Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # Dolibarr specific attack patterns failregex = ^<HOST>.*( # Login-related attacks (Brute-forcing, password guessing) /index.php.*action=login.*| # Login page (login attempt) /index.php.*login.*| # Generic login attempt /index.php.*password.*| # Password reset or login with parameter /index.php.*user.*| # User login attempt..."
• 14:4314:43, 16 December 2025 diff hist +5,438 N FAIL2BAN - Filter.d - http-wordpress Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # /etc/fail2ban/filter.d/http-wordpress.conf # WordPress specific attack patterns failregex = ^<HOST>.*( # WordPress Core and Admin /wp-admin/install.php.*| # WordPress install script /wp-admin/.*/| # Wildcard to catch all wp-admin paths /wp-login.php.*| # Login page /wp-activate.php.*| # Account activation /wp-config.php..."
• 14:3414:34, 16 December 2025 diff hist +170 FAIL2BAN - fail2ban-client Manpage No edit summary
• 14:3014:30, 16 December 2025 diff hist +4,088 N FAIL2BAN - Filter.d - http-kevins Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # Script-kiddies and Kevins patterns failregex = ^<HOST>.*/wp-content/plugins/hellopress/wp_filemanager.php.* ^<HOST>.*/wp-includes/rest-api/alfa-rex.php7.* ^<HOST>.*/widgets.php.* ^<HOST>.*/b.php.* ^<HOST>.*/admin.php.* ^<HOST>.*/autoload_classmap.php.* ^<HOST>.*/wp-activate.php.* ^<HOST>.*/db.php.* ^<HOST>.*/bless.php.* ^<HOST>.*/blurbs.php.* ^<HOST>.*/cord.php.* ^<HOST>.*/axx.php..."
• 14:2814:28, 16 December 2025 diff hist +517 N FAIL2BAN - Filter.d - http-xss Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-xss.conf # Cross-Site Scripting (XSS) # Matches typical XSS attack vectors where input is reflected on the web page failregex = ^<HOST>.*(<script.*>.*</script>|<.*javascript:.*|<.*onerror=.*|<.*onload=.*|<.*alert\(.*\)).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-xss] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -..."
• 14:2714:27, 16 December 2025 diff hist +479 N FAIL2BAN - Filter.d - http-suspicious Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-suspicious.conf # General Suspicious URL Patterns (including bad characters like `\`, `;`, `&`, etc.) failregex = ^<HOST>.*(\/\.\.\/|\.\.\/|\.\.\\|\\|%%3b|%%26|%%2f|%%2e%%2e).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-suspicious] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</now..."
• 14:2614:26, 16 December 2025 diff hist −1 FAIL2BAN - Filter.d - http-sql-like No edit summary
• 14:2614:26, 16 December 2025 diff hist +564 N FAIL2BAN - Filter.d - http-sql-like Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-sql-like.conf # SQL-like SELECT Statements that could indicate SQL Injection Attempts # This also tries to capture long SELECT/INSERT/UPDATE queries with SQL injection techniques failregex = ^<HOST>.*(select.*from.*|insert.*into.*|update.*set.*|delete.*from.*).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-sql-like] enabled = true banaction = %(banaction_allports)s logpath = /var/lo..."
• 14:2514:25, 16 December 2025 diff hist +622 N FAIL2BAN - Filter.d - http-sql-inj Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-sql-inj.conf # SQL Injection Attempts # Matches common SQL injection patterns such as ' or 1=1 --, ; DROP TABLE, etc. failregex = ^<HOST>.*(select.*from.*where.*union.*select.*from.*information_schema.tables|insert.*into.*values.*select.*from.*information_schema.tables|union.*select.*null.*from.*information_schema.tables|or.*1=1).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-sql-inj] enabled =..."
• 14:2314:23, 16 December 2025 diff hist +510 N FAIL2BAN - Filter.d - http-shell-command Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-shell-command.conf # Attempted Shell Command Execution in URLs (e.g., using ?cmd=) # This could indicate an attempt to execute system commands via web apps. failregex = ^<HOST>.*(\?cmd=|system\(|exec\().*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-shell-command] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findt..."
• 14:2214:22, 16 December 2025 diff hist +546 N FAIL2BAN - Filter.d - http-rfi Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-rfi.conf # Remote File Inclusion (RFI) # Matches attempts to include remote files (e.g. http://example.com/malicious_file.php) failregex = ^<HOST>.*(?:https?|ftp):\/\/(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}\/.*\.(?:php|jsp|asp|cgi|pl|txt|xml|json|html?).*$` ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-rfi] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access...."
• 14:2114:21, 16 December 2025 diff hist +480 N FAIL2BAN - Filter.d - http-php-code-inj Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-php-code-inj.conf # PHP Code Injection # Matches PHP-based code injection attempts such as `<?php eval($_POST[cmd]); ?>` failregex = ^<HOST>.*(\<\?php.*eval.*\$_POST.*\;\?\>).* ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-php-code-inj] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</no..."
• 14:2014:20, 16 December 2025 diff hist +513 N FAIL2BAN - Filter.d - http-path-t Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-path-t.conf # Path Traversal Attacks # Matches attempts to traverse the directory structure (e.g., ../../etc/passwd or .\..\etc\passwd) failregex = ^<HOST>.*(\.\./|\.\.\\|%%2e%%2e%%2f|%%2e%%2e%%5c).*\/etc\/passwd.*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-path-t] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 fi..."
• 14:1914:19, 16 December 2025 diff hist +672 N FAIL2BAN - Filter.d - http-non-exist Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-non-exist.conf # Requesting non-existent files like backup, .git, or config files # These are often targeted by attackers to find hidden sensitive files. # THIS FILE NEED TO BE CUSTOMIZED REGARDING YOUR NEEDS # failregex = ^<HOST>.*(\.git\/|\.env|\.bak|\.tar.gz|\.sql|\.sh|config\.php).*$ failregex = ^<HOST>.*(\.git\/|\.env|\.bak|\.tar.gz|\.sql|config\.php).*$ ignoreregex =</nowiki> =..."
• 14:1614:16, 16 December 2025 diff hist +475 N FAIL2BAN - Filter.d - http-malicious Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-malicious.conf # Malicious HTTP Methods # Matches attempts to use HTTP methods that are often abused (e.g., TRACE, DELETE, PATCH) failregex = ^<HOST>.*(TRACE|DELETE|PATCH).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-malicious] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</nowiki>"
• 14:1514:15, 16 December 2025 diff hist +462 N FAIL2BAN - Filter.d - http-lfi Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-lfi.conf # Local File Inclusion (LFI) # Matches patterns that indicate an attempt to include local files (e.g. ../../etc/passwd) failregex = ^<HOST>.*(\.\./|\.\.\\).*\/etc\/passwd.*$</nowiki> = Jail.conf = <nowiki> [http-lfi] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</nowiki>"
• 14:1414:14, 16 December 2025 diff hist +453 N FAIL2BAN - Filter.d - http-dir-trav Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-dir-trav.conf # Directory Traversal Attempts # Matches the occurrence of '../' which is often used for directory traversal failregex = ^<HOST>.*\.\.\/.*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-dir-trav] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</nowiki>"
• 14:1314:13, 16 December 2025 diff hist +468 N FAIL2BAN - Filter.d - http-crlf Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-crlf.conf # HTTP Response Splitting (CRLF Injection) # Matches attempts to inject headers or CRLF sequences into the response failregex = ^<HOST>.*(\r\n|\n\r|\r|\n).*Host:.*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-crlf] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</nowiki>"
• 14:0714:07, 16 December 2025 diff hist +494 N FAIL2BAN - Filter.d - http-command-inj Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-command-inj.conf # Command Injection # Matches typical command injection patterns like 'cat /etc/passwd', or 'ls; rm -rf' failregex = ^<HOST>.*(cat.*\/etc\/passwd|ls;.*rm.*-rf|\/bin\/bash).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-command-inj] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend..."
• 14:0214:02, 16 December 2025 diff hist +24 FAIL2BAN - Filter.d - http-502-503 No edit summary
• 13:4913:49, 16 December 2025 diff hist +13 FAIL2BAN - Filter.d - http-502-503 No edit summary
• 13:4413:44, 16 December 2025 diff hist 0 FAIL2BAN - Filter.d - http-502-503 No edit summary
• 13:4413:44, 16 December 2025 diff hist +453 N FAIL2BAN - Filter.d - http-502-503 Created page with "Category:Wiki = Filter.d = <nowiki> # /etc/fail2ban/filter.d/http-502-503.conf [Definition] failregex = ^<HOST> -.*"(GET|POST|HEAD).*HTTP.*" 502 = ^<HOST> -.*"(GET|POST|HEAD).*HTTP.*" 503 ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-502-503] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*error*.log /var/log/nginx/*access*.log maxretry = 20 findtime = 20 backend = polling</nowiki>"
• 13:4013:40, 16 December 2025 diff hist +5 FAIL2BAN - Filter.d - w00tw00t No edit summary
• 13:3713:37, 16 December 2025 diff hist +98 FAIL2BAN - Filter.d - http-404 No edit summary
• 13:3013:30, 16 December 2025 diff hist −42 FAIL2BAN - Filter.d - http-403 No edit summary
• 13:2913:29, 16 December 2025 diff hist +12 FAIL2BAN - Filter.d - http-403 No edit summary
• 13:2813:28, 16 December 2025 diff hist −34 FAIL2BAN - Filter.d - http-401 No edit summary
• 13:2513:25, 16 December 2025 diff hist −7 FAIL2BAN - Filter.d - Proxmox No edit summary
• 13:2513:25, 16 December 2025 diff hist −79 FAIL2BAN - Filter.d - Proxmox No edit summary
• 07:5407:54, 16 December 2025 diff hist −261 PROXMOX - Troubleshoot Cluster No edit summary
• 07:5407:54, 16 December 2025 diff hist +16,282 N PROXMOX - Troubleshoot Cluster Created page with "Category:Wiki When managing a Proxmox cluster, various issues may arise that can affect cluster functionality, node communication, virtual machine performance, or storage. This guide outlines common troubleshooting steps and tools for resolving issues in a Proxmox cluster. == Cluster Communication Issues == Cluster communication issues often occur when nodes are unable to properly sync with each other. These issues can prevent quorum, affect high availability, or..."
• 07:4407:44, 16 December 2025 diff hist −18 PROXMOX - Clustering No edit summary
• 07:4307:43, 16 December 2025 diff hist +5,143 N PROXMOX - Clustering Created page with "Category:Wiki == Proxmox Cluster Configuration with 4 Nodes == Before starting, ensure that: * All nodes have Proxmox installed and updated. * The nodes are on the same network. * SSH key-based authentication is set up between the nodes. * You have a consistent hostname and DNS setup across all nodes. * Ensure NTP (Network Time Protocol) is configured and synchronized across all nodes. === Cluster Configuration Overview === A Proxmox cluster uses the Corosync and..."
• 06:4006:40, 16 December 2025 diff hist −92 ARISTA - BGP Commands No edit summary
• 06:3906:39, 16 December 2025 diff hist +5,926 N ARISTA - BGP Commands Created page with "Category:Wiki == Configuring BGP on Arista EOS == To start configuring BGP, you need to enter global configuration mode and enable BGP for a specific Autonomous System (AS). <nowiki> router bgp [AS_NUMBER]</nowiki> Example: <nowiki> router bgp 65001</nowiki> == BGP Neighbors Configuration == You can define BGP neighbors, which are other BGP routers with which your device will exchange routing information. ### Add a Neighbor <nowiki> neighbor [IP_ADDRESS] r..." Tag: Recreated