# /etc/fail2ban/jail.d/etc-prs.conf
# Fail2ban jail configuration for the ETC PRS server
#
# Install:
# sudo cp scripts/fail2ban/nginx-scan.conf /etc/fail2ban/filter.d/nginx-scan.conf
# sudo cp scripts/fail2ban/etc-prs.conf /etc/fail2ban/jail.d/etc-prs.conf
# sudo systemctl restart fail2ban
# sudo fail2ban-client status nginx-scan

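[DEFAULT]
# Ban IPs using UFW (already configured on this server).
# A [DEFAULT] section in a jail.d file is merged into fail2ban's global
# defaults, so this banaction applies to every enabled jail, not only the
# jails defined in this file.
# NOTE(review): the stock ufw action appears to block the source address
# outright rather than per port; if so, the per-jail "port" values do not
# narrow the ban. Confirm against /etc/fail2ban/action.d/ufw.conf.
# No ignoreip is set in this file; unless it is set elsewhere, admin and
# monitoring addresses are banned like any other source.
banaction = ufw
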
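[nginx-scan]
enabled = true
port = http,https
# Custom filter; the Install steps in this file's header copy it to
# /etc/fail2ban/filter.d/nginx-scan.conf.
filter = nginx-scan
# NOTE(review): bans use the client address as it is logged here. If nginx
# sits behind a reverse proxy or CDN and logs the proxy address, a ban would
# hit the proxy - confirm the log carries real client IPs.
logpath = /var/log/nginx/access.log

# Ban if 20 errors in 60 seconds (findtime is in seconds).
# What counts as an error is defined by the nginx-scan filter, not here.
maxretry = 20
findtime = 60

# Ban for 1 hour (bantime is in seconds)
bantime = 3600
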
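[nginx-badbots]
enabled = true
port = http,https
# NOTE(review): the Install steps in this file's header copy only
# nginx-scan.conf. /etc/fail2ban/filter.d/nginx-badbots.conf must already
# exist on the host; fail2ban reports an error for a jail whose filter file
# is missing. Check with "sudo fail2ban-client -t" before restarting.
filter = nginx-badbots
logpath = /var/log/nginx/access.log
# Ban after 2 matches within 24 hours (86400 seconds), for 24 hours.
# A low threshold over a long window: make sure the filter cannot match
# legitimate crawlers or monitoring that the site depends on.
maxretry = 2
findtime = 86400
bantime = 86400
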
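[nginx-noscript]
enabled = true
port = http,https
# NOTE(review): the Install steps in this file's header copy only
# nginx-scan.conf. /etc/fail2ban/filter.d/nginx-noscript.conf must already
# exist on the host; fail2ban reports an error for a jail whose filter file
# is missing. Check with "sudo fail2ban-client -t" before restarting.
filter = nginx-noscript
logpath = /var/log/nginx/access.log
# Ban after 6 matches within 60 seconds, for 1 hour (values are in seconds).
maxretry = 6
findtime = 60
bantime = 3600
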
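[sshd]
enabled = true
port = ssh
filter = sshd
# NOTE(review): assumes sshd messages are written to /var/log/auth.log by a
# syslog daemon. On hosts that log only to the systemd journal the file is
# absent and the jail cannot start; "backend = systemd" is the usual
# alternative there. Confirm which applies to this server.
logpath = /var/log/auth.log
# Ban after 5 failures within 60 seconds, for 1 hour (values are in seconds).
# This file sets no ignoreip, so an administrator who mistypes credentials
# is locked out like any other source; keep an out-of-band way to unban.
maxretry = 5
findtime = 60
bantime = 3600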