-#Server security
## php.ini
PHP settings are defined in:
- a main configuration file, usually found under `/etc/php5/php.ini`; some distributions provide different configuration environments, e.g.
## fail2ban
`fail2ban` is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses `iptables` profiles to block brute-force attempts:
-- [Official website](http://www.fail2ban.org/wiki/index.php/Main_Page)[](.html)
-- [Source code](https://github.com/fail2ban/fail2ban)[](.html)
+- [Official website](http://www.fail2ban.org/wiki/index.php/Main_Page)
+- [Source code](https://github.com/fail2ban/fail2ban)
### Read Shaarli logs to ban IPs
Example configuration:
`/etc/fail2ban/jail.local`
```ini
-[shaarli-auth][](.html)
+[shaarli-auth]
enabled = true
port = https,http
filter = shaarli-auth
`/etc/fail2ban/filter.d/shaarli-auth.conf`
```ini
-[INCLUDES][](.html)
+[INCLUDES]
before = common.conf
-[Definition][](.html)
+[Definition]
failregex = \s-\s<HOST>\s-\sLogin failed for user.*$
ignoreregex =
```