Initial commit — Performance West telecom compliance platform
Includes: API (Express/TypeScript), Astro site, Python workers, document generators, FCC compliance tools, Canada CRTC formation, Ansible infrastructure, and deployment scripts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
justin
commit
f8cd37ac8c
1823 changed files with 145167 additions and 0 deletions
11
infra/fail2ban/filter.d/pw-api.conf
Normal file
11
infra/fail2ban/filter.d/pw-api.conf
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
# fail2ban filter for Performance West API
|
||||
# Parses structured JSON access logs from the Express API.
|
||||
# Matches 403 (forbidden), 429 (rate limited), and 415 (wrong content type) responses.
|
||||
|
||||
[Definition]
|
||||
|
||||
# Match rate-limited or forbidden requests from API structured logs
|
||||
failregex = ^\[ACCESS\] .*"ip":\s*"<HOST>".*"status":\s*(403|429|415)
|
||||
^.*\[ACCESS\].*"ip":\s*"<HOST>".*"status":\s*(403|429|415)
|
||||
|
||||
ignoreregex =
|
||||
10
infra/fail2ban/jail.d/pw.conf
Normal file
10
infra/fail2ban/jail.d/pw.conf
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
# fail2ban jail for Performance West API abuse protection
|
||||
|
||||
[pw-api]
|
||||
enabled = true
|
||||
filter = pw-api
|
||||
logpath = /var/log/pw-api.log
|
||||
maxretry = 20
|
||||
findtime = 300
|
||||
bantime = 3600
|
||||
action = iptables-multiport[name=pw-api, port="80,443", protocol=tcp]
|
||||
Loading…
Add table
Add a link
Reference in a new issue