syslog integration and fail2ban improvement

2020-08-30 17:33:59 +02:00
parent cd19841ec3
commit f30a06d943
7 changed files with 40 additions and 22 deletions
--- a/fail2ban/nginx-filter.local
+++ b/fail2ban/nginx-filter.local
@@ -2,6 +2,6 @@
 before = common.conf

 [Definition]
-failregex = <HOST> - .* \[.*\] ".*" (%FAIL2BAN_STATUS_CODES%) .* ".*" ".*"
+failregex = .* nginx: <HOST> - .* \[.*\] ".*" (%FAIL2BAN_STATUS_CODES%) .* ".*" ".*"
 ignoreregex =
 datepattern = %%d/%%b/%%Y:%%H:%%M:%%S
--- a/fail2ban/nginx-jail.local
+++ b/fail2ban/nginx-jail.local
@@ -1,9 +1,7 @@
-[DEFAULTS]
+[nginx-filter]
 bantime = %FAIL2BAN_BANTIME%
 findtime = %FAIL2BAN_FINDTIME%
 maxretry = %FAIL2BAN_MAXRETRY%
-
-[nginx-filter]
 enabled = true
 action = nginx-action
-logpath = /var/log/access.log
+logpath = /var/log/nginx.log