@briped
Last active September 15, 2017 02:13
Fail2Ban configuration files for Domoticz behind NGINX Reverse Proxy
# Fail2Ban jail configuration file for Domoticz behind NGINX Reverse Proxy.
# nginx-domoticz.conf
#
# The X-Forwarded-For IP isn't logged in the Domoticz log, and so any failed
# attempts will show the NGINX reverse proxy IP rather than the actual IP.
#
# Workaround is to look at all attempts and then set the maxretry number to 5.
# This doesn't protect against distributed attempts.
#
# Author: Brian Schmidt Pedersen
#
[nginx-domoticz]
enabled = true
port = http,https
filter = nginx-domoticz
logpath = %(nginx_access_log)s
maxretry = 5

# Fail2Ban filter configuration file for Domoticz behind NGINX Reverse Proxy.
# nginx-domoticz.conf
#
# The X-Forwarded-For IP isn't logged in the Domoticz log, and so any failed
# attempts will show the NGINX reverse proxy IP rather than the actual IP.
#
# Workaround is to check for the logincheck parameter, and ban if more than
# maxretry attempts, and then set the maxretry number to a higher value. Also
# checking all attempts that get a 401 (Unauthorized), as failed API attempts
# will show this. This doesn't protect against distributed attempts.
#
# Author: Brian Schmidt Pedersen
#
[Definition]
failregex = ^<HOST> -[^"]*"GET /json\.htm\?type=command&param=logincheck&[^"]*" 200
            ^<HOST> -[^"]*"GET /json\.htm\?[^"]*" 401
ignoreregex =
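
The following is an added example, not part of the original gist: a small Python harness that applies the two failregex patterns above to constructed NGINX access-log lines and reports which hosts would reach maxretry. The simplified `<HOST>` group, the 10-minute findtime (the jail does not set one) and all sample addresses and requests are assumptions. Note that every logincheck request answered with 200 counts, so repeated successful logins are counted as well.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# failregex lines from the filter; <HOST> is replaced by a simplified IP-only
# group (assumption: fail2ban's real <HOST> tag also accepts DNS names).
HOST = r"(?P<host>[0-9A-Fa-f:.]+)"
FAILREGEX = [re.compile(p.replace("<HOST>", HOST)) for p in (
    r'^<HOST> -[^"]*"GET /json\.htm\?type=command&param=logincheck&[^"]*" 200',
    r'^<HOST> -[^"]*"GET /json\.htm\?[^"]*" 401',
)]
MAXRETRY = 5                       # from the jail file
FINDTIME = timedelta(minutes=10)   # assumption: not set in the jail file
STAMP = re.compile(r"\[([^\]]+)\]")

def line(ip, sec, request, status):
    """Build one constructed log line in NGINX 'combined' format."""
    ts = f"15/Sep/2017:02:{sec // 60:02d}:{sec % 60:02d} +0000"
    return f'{ip} - - [{ts}] "GET {request} HTTP/1.1" {status} 52 "-" "curl/7.52"'

LOGIN = "/json.htm?type=command&param=logincheck&username=YQ==&password=x"
SAMPLE = (
    [line("203.0.113.7", i * 20, LOGIN, 200) for i in range(5)]    # 5 login checks
    + [line("198.51.100.4", i * 30, "/json.htm?type=devices", 401) for i in range(3)]
    + [line("198.51.100.4", 200, "/json.htm?type=devices", 200)]   # authorised call
    + [line("192.0.2.9", 10, "/index.html", 401)]                  # not /json.htm
)

def failures(lines):
    """Yield (host, time) for each line that any failregex matches."""
    for text in lines:
        for rx in FAILREGEX:
            m = rx.search(text)
            if m:
                stamp = STAMP.search(text).group(1)
                yield m.group("host"), datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
                break

def banned(lines):
    """Return hosts that reach MAXRETRY matches inside one FINDTIME window."""
    seen, out = defaultdict(list), set()
    for host, when in failures(lines):
        seen[host] = [t for t in seen[host] if when - t <= FINDTIME] + [when]
        if len(seen[host]) >= MAXRETRY:
            out.add(host)
    return out

if __name__ == "__main__":
    print(sorted(banned(SAMPLE)))
```

On a host with Fail2Ban installed, `fail2ban-regex <logfile> <filterfile>` runs the same kind of check against the real access log and filter.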