Skip to content

Instantly share code, notes, and snippets.

@khairulcs

khairulcs/fail2ban-nginx.md

Last active January 26, 2020 01:21
Show Gist options
  • Save khairulcs/0dad8370327e90b88a28378c44cb5fe8 to your computer and use it in GitHub Desktop.
Save khairulcs/0dad8370327e90b88a28378c44cb5fe8 to your computer and use it in GitHub Desktop.
Download ZIP
fail2ban
Raw
fail2ban-nginx.md

Install fail2ban

apt-get install fail2ban

Fail2ban config

Filter config

vim /etc/fail2ban/filter.d/nginx-req-limit.conf

# Fail2Ban configuration file
#
# supports: ngx_http_limit_req_module module

[Definition]

failregex = limiting requests, excess:.* by zone.*client: <HOST>

# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

Jail Config

Create a new jail config

vim /etc/fail2ban/jail.local
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Edit the jail.local and put the below code at the bottom

[nginx-req-limit]

enabled = true
filter = nginx-req-limit
action = iptables-multiport[name=ReqLimit, port="http,https", protocol=tcp]
logpath = /var/log/nginx/*error.log
findtime = 600
bantime = 7200
maxretry = 10

Restart jail2ban service fail2ban restart

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment