【筆記】用 Fail2ban 捕捉 4XX (Nginx)
發表於 : 2020-05-17, 23:31
免責聲明:此文為網路捉取,非本人撰寫,經實作可用,故分享。純屬分享,採用與否請自行決定,本人不負責任何後果。歡迎多多指教!
代碼: 選擇全部
#/etc/fail2ban/filter.d/nginx-access-limit.conf
[Definition]
failregex = ^<HOST> - - .*\"(GET|POST).*
ignoreregex =
代碼: 選擇全部
#/etc/fail2ban/jail.local
[nginx-access-limit]
enabled = true
filter = nginx-access-limit
action = iptables-multiport[name=nginx-access-limit, port="http,https", protocol=tcp]
logpath = /var/log/nginx/access.log
findtime = 5
bantime = 900
maxretry = 100
代碼: 選擇全部
#/etc/fail2ban/jail.local
[nginx-req-limit]
enabled = true
filter = nginx-req-limit
action = iptables-multiport[name=nginx-req-limit, port="http,https", protocol=tcp]
logpath = /var/log/nginx/*error.log
findtime = 60
bantime = 900
maxretry = 10