【筆記】用 Fail2ban 捕捉 4XX (Nginx)

[vega]

免責聲明：此文為網路捉取，非本人撰寫，經實作可用，故分享。純屬分享，採用與否請自行決定，本人不負責任何後果。歡迎多多指教！

代碼: 選擇全部

#/etc/fail2ban/filter.d/nginx-access-limit.conf
[Definition]
failregex = ^<HOST> - - .*\"(GET|POST).*
ignoreregex =

代碼: 選擇全部

#/etc/fail2ban/jail.local
[nginx-access-limit]
enabled = true
filter = nginx-access-limit
action = iptables-multiport[name=nginx-access-limit, port="http,https", protocol=tcp]
logpath = /var/log/nginx/access.log
findtime = 5
bantime = 900
maxretry = 100

代碼: 選擇全部

#/etc/fail2ban/jail.local
[nginx-req-limit]
enabled = true
filter = nginx-req-limit
action = iptables-multiport[name=nginx-req-limit, port="http,https", protocol=tcp]
logpath = /var/log/nginx/*error.log
findtime = 60
bantime = 900
maxretry = 10