fail2ban support

2020-04-07 23:13:59 +02:00
parent 716e54e597
commit 193070b148
7 changed files with 65 additions and 8 deletions
--- a/fail2ban/jail.local
+++ b/fail2ban/jail.local
@@ -0,0 +1,9 @@
+[DEFAULTS]
+bantime = %FAIL2BAN_BANTIME%
+findtime = %FAIL2BAN_FINDTIME%
+maxretry = %FAIL2BAN_MAXRETRY%
+
+[nginx-filter]
+enabled = true
+action = nginx-action
+logpath = /var/log/access.log
--- a/fail2ban/nginx-action.local
+++ b/fail2ban/nginx-action.local
@@ -0,0 +1,8 @@
+[Definition]
+
+actionstart = echo "" > /etc/nginx/fail2ban-ip.conf && /usr/sbin/nginx -s reload
+actionstop = echo "" > /etc/nginx/fail2ban-ip.conf && /usr/sbin/nginx -s reload
+actioncheck =
+actionflush = echo "" > /etc/nginx/fail2ban-ip.conf && /usr/sbin/nginx -s reload
+actionban = echo -n "deny <ip>;" >> /etc/nginx/fail2ban-ip.conf && /usr/sbin/nginx -s reload
+actionunban = sed -i "s/deny <ip>;//g" /etc/nginx/fail2ban-ip.conf && /usr/sbin/nginx -s reload
--- a/fail2ban/nginx-filter.local
+++ b/fail2ban/nginx-filter.local
@@ -0,0 +1,7 @@
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex = <HOST> - .* \[.*\] ".*" (%FAIL2BAN_STATUS_CODES%) .* ".*" ".*"
+ignoreregex =
+datepattern = %%d/%%b/%%Y:%%H:%%M:%%S