Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.Because fail2ban in its self is a made for handling brute force dictionary attacks (or just try to quess the password) why not use that for Drupal?
I know this is watchdog's job (what about D6?) but Drupal goes through the bootstrap process every time eating the server resources. So at some point the user/bot should be banned and fail2ban does that nicely with this new jail.
So if you accept the new filter, conf/jail and documentation:
1. Because of a new filter a changed the filter names to be more descriptive.
2. Documentations (READMEs) are improved and ready with a little differences between versions needed.
3. There are new confs for jails.
I assigned this to D7 project but the (of course) these works for D6 too. And if I understood right D6 projects needs this more that D7.
| Comment | File | Size | Author |
|---|---|---|---|
| fail2ban.zip | 3.96 KB | tipit |
Comments
Comment #1
cafuego commentedThanks TipiT, I'll have a look at your code later this week. Are you able to create a sandbox project and use git instead of attaching a zip file?
Comment #2
tipit commentedThere is no need to make a sandbox. The PHP code has not changed at all. Just a new jail is added. You will figure out what is done in like three minutes if when you look inside the .zip.
Comment #3
cafuego commentedI've created new -dev releases with your jail. I've made some changes to the READMEs you've provided and I called the comment jail drupal-comment instead of drupal-spam.
Comment #4
tipit commentedIt seems the release is not -dev but 7.x-1.1. That was the goal?
Changes are good. And yes, maybe drupal-comment is better name. :)