View Single Post
Old 2nd February 2013, 00:37
PermaNoob PermaNoob is offline
Senior Member
Join Date: Jan 2007
Posts: 194
Thanks: 12
Thanked 5 Times in 5 Posts

Originally Posted by jysse View Post
Here is how I managed to make this work.
Debian Lenny, ISPConfig3

If I understood correct there was an error in Debian's pure-ftpd filter. Correct line in /etc/fail2ban/filter.d/pure-ftpd.conf should be:
failregex = pure-ftpd(?:\[\d+\])?: \(.+?@<HOST>\) \[WARNING\] %(__errmsg)s \[.+\]$

Here is my jail.conf lines for pure-ftpd:

enabled = true
port = ftp
filter = pure-ftpd
logpath = /var/log/messages
maxretry = 2

Hope this helps !

Thanks a lot--that missing \ in ])?: (.+?@<HOST>) sure caused a lot of trouble, including having Hetzner take my server offline for 6 hours because of the pure-ftpd attacks that weren't being blocked.

Last edited by PermaNoob; 2nd February 2013 at 00:40.
Reply With Quote