Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Traefik fail2ban
# /etc/fail2ban/filter.d/traefik-auth.conf
[Definition]
failregex = ^<HOST> \- \S+ \[\] \"(GET|POST|HEAD) .+\" 401 .+$
# /etc/fail2ban/filter.d/traefik-botsearch.conf
[INCLUDES]
before = botsearch-common.conf
[Definition]
failregex = ^<HOST> \- \S+ \[\] \"(GET|POST|HEAD) \/<block> \S+\" 404 .+$
# /etc/fail2ban/jail.d/traefik.conf
[traefik-auth]
enabled = true
logpath = %(traefik_access_log)s
port = http,https
[traefik-botsearch]
enabled = true
logpath = %(traefik_access_log)s
maxretry = 1
port = http,https
[traefik-badbots]
enabled = true
filter = apache-badbots
logpath = %(traefik_access_log)s
maxretry = 1
port = http,https
@AnderssonPeter
Copy link

AnderssonPeter commented Jul 8, 2018

How do I use this?

@Svarto
Copy link

Svarto commented Aug 8, 2018

Would also love to know how to use traefik + fail2ban

@1mckenna
Copy link

1mckenna commented Sep 10, 2018

Create the files above then you just have to change logpath to be whereever you store your traefik access log.

Then add this to /etc/fail2ban/jail.local

[traefik-auth]
enabled = true

[traefik-botsearch]
enabled = true

[traefik-badbots]
enabled = true

@robojerk
Copy link

robojerk commented Feb 10, 2019

I get the following error
Failed during configuration: Bad value substitution: option 'logpath' in section 'traefik-auth' contains an interpolation key 'traefik_access_log' which is not a valid option name. Raw value: '%(traefik_access_log)s'

@datenfahrt
Copy link

datenfahrt commented Apr 8, 2019

i think, you have to define the key "traefik_access_log" in your paths-common.conf (or paths-debian.conf / Name may vary on your server OS) like (in the [DEFAULT] Section)

# traefik
traefik_access_log = /path/to/log/traefik/access.log

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment