SSL Labs Score

It finally happened. Although I've been running AdminExile with Fail2Ban for a long time, nobody has asked how to do it. Certainly, there are some admins out there who didn't need help. Someone finally asked, and that prompted me to write this document.

This document is for administrators who operate their own servers, and are capable of installing and configuring Fail2Ban. Users who are on shared servers, or use commodity services to host their sites will probably not have access to install or configure Fail2Ban.

Any current (and future) version of AdminExile is capable of this configuration.

AdminExile configuration:

In /administrator, view the AdminExile configuration within the Plugin Manager. The only necessary configuration is to set "Enable Failure Logs" to "Yes"

Fail2Ban configuration:

First, you need to create a filter. This template is a very simple example, because the goal is only to identify the specific lines in the error log which indicate an AdminExile failure.

# Fail2Ban filter to block failed AdminExile authentication 


failregex = ^.*?\(<HOST>\) failed to authenticate via AdminExile
ignoreregex =

Second, you must configure Fail2Ban to utilize this filter. There are many ways to do it, but I like to maintain a jail.local file. This file defines which filter is to be used, which file the filter is supposed to monitor, the maximum number of tolerated failures, and the penalty for exceeding that maximum.

enabled = true
port = http,https
filter = adminexile
logpath = /var/log/apache2/error.log
maxretry = 2
findtime = 600

Of course, you'll need to adjust this to the location of your server error log.

Once configured, restart Fail2Ban and you should be in business.

Discuss this article in the forums (0 replies).

There is an excellent article on Forbes titled "US Businesses Can't Hide From GDPR" and that led me to the question - How many companies are unaware of their exposure?

The answer is actually very easy to determine. If you answer yes to both of these questions, then you are subject to the GDPR regulations.

  1. Are you running a business and engaged in economic activity, and does you business collect or process personal data obtained from EU residents? (Article 4(18))
  2. Does your business have more than 250 employees? (Article 30)

If you answer no to question 2, you might still be subject to GDPR but it would benefit you to consult with legal council.

Discuss this article in the forums (1 replies).
Discuss this article in the forums (1 replies).

All RicheyWeb servers now offer protocol upgrade to HTTP/2!

What does this mean for hosted sites? That's difficult to describe in laymans terms. The inaccurate description is that connections are more efficient and streamlined to browsers which support HTTP/2. There is a much longer description of the benefits, but I won't put it here. You can read about it on its Wikipedia page: HTTP/2

Discuss this article in the forums (0 replies).

I'm glad I was up early this morning, because I forgot to turn off the backup of a directory I had used for temporary storage. Yes, I filled the disk.

Sorry for any interruption of the software downloads.

Discuss this article in the forums (0 replies).

More Articles ...