# /etc/fail2ban/jail.d/etc-prs.conf
# Fail2ban configuration for ETC PRS server
#
# Install:
#   sudo cp scripts/fail2ban/nginx-scan.conf /etc/fail2ban/filter.d/nginx-scan.conf
#   sudo cp scripts/fail2ban/etc-prs.conf    /etc/fail2ban/jail.d/etc-prs.conf
#   sudo systemctl restart fail2ban
#   sudo fail2ban-client status nginx-scan

[DEFAULT]
banaction = ufw

[nginx-scan]
enabled   = true
port      = http,https
filter    = nginx-scan
logpath   = /var/log/nginx/access.log
# Ban after 10 errors in 30 seconds
maxretry  = 10
findtime  = 30
# Ban for 24 hours
bantime   = 86400

[nginx-badbots]
enabled   = true
port      = http,https
filter    = nginx-badbots
logpath   = /var/log/nginx/access.log
maxretry  = 2
findtime  = 86400
bantime   = 86400

[nginx-noscript]
enabled   = true
port      = http,https
filter    = nginx-noscript
logpath   = /var/log/nginx/access.log
maxretry  = 6
findtime  = 60
bantime   = 86400

[sshd]
enabled   = true
port      = ssh
filter    = sshd
logpath   = /var/log/auth.log
maxretry  = 5
findtime  = 60
bantime   = 86400