add fail2ban scripts

scripts/fail2ban/etc-prs.conf

@@ -0,0 +1,52 @@
+# /etc/fail2ban/jail.d/etc-prs.conf
+# Fail2ban configuration for ETC PRS server
+#
+# Install:
+#   sudo cp scripts/fail2ban/nginx-scan.conf /etc/fail2ban/filter.d/nginx-scan.conf
+#   sudo cp scripts/fail2ban/etc-prs.conf    /etc/fail2ban/jail.d/etc-prs.conf
+#   sudo systemctl restart fail2ban
+#   sudo fail2ban-client status nginx-scan
+
+[DEFAULT]
+# Ban IPs using UFW (already configured on this server)
+banaction = ufw
+
+[nginx-scan]
+enabled  = true
+port     = http,https
+filter   = nginx-scan
+logpath  = /var/log/nginx/access.log
+
+# Ban if 20 errors in 60 seconds
+maxretry = 20
+findtime = 60
+
+# Ban for 1 hour
+bantime  = 3600
+
+[nginx-badbots]
+enabled  = true
+port     = http,https
+filter   = nginx-badbots
+logpath  = /var/log/nginx/access.log
+maxretry = 2
+findtime = 86400
+bantime  = 86400
+
+[nginx-noscript]
+enabled  = true
+port     = http,https
+filter   = nginx-noscript
+logpath  = /var/log/nginx/access.log
+maxretry = 6
+findtime = 60
+bantime  = 3600
+
+[sshd]
+enabled  = true
+port     = ssh
+filter   = sshd
+logpath  = /var/log/auth.log
+maxretry = 5
+findtime = 60
+bantime  = 3600