···

       
40
       
40
       
 
       


     

       
41
       
41
       
 
       
    # Jails for protecting various services

     

       
42
       
42
       
 
       
    jails = {

     

       
43
       
43
       
-
       
      # SSH protection - monitor failed login attempts

     

       
43
       
43
       
+
       
      # SSH protection - monitor failed login attempts using systemd journal

     

       
44
       
44
       
 
       
      sshd.settings = {

     

       
45
       
45
       
 
       
        enabled = true;

     

       
46
       
46
       
 
       
        port = "ssh";

     
···

       
57
       
57
       
 
       
        enabled = true;

     

       
58
       
58
       
 
       
        port = "http,https";

     

       
59
       
59
       
 
       
        filter = "caddy-http";

     

       
60
       
60
       
-
       
        logpath = "/var/log/caddy/access.log";

     

       
60
       
60
       
+
       
        logpath = "/var/log/caddy/access-*.log";

     

       
61
       
61
       
 
       
        backend = "auto";

     

       
62
       
62
       
 
       
        maxretry = 10;

     

       
63
       
63
       
 
       
        findtime = "600";

     
···

       
70
       
70
       
 
       
        enabled = true;

     

       
71
       
71
       
 
       
        port = "http,https";

     

       
72
       
72
       
 
       
        filter = "caddy-ratelimit";

     

       
73
       
73
       
-
       
        logpath = "/var/log/caddy/access.log";

     

       
73
       
73
       
+
       
        logpath = "/var/log/caddy/access-*.log";

     

       
74
       
74
       
 
       
        backend = "auto";

     

       
75
       
75
       
 
       
        maxretry = 50;

     

       
76
       
76
       
 
       
        findtime = "60";