我正在尝试设置一些与 Nginx 相关的 jail。但我注意到 fail2ban 使用 IPTables 禁止了 IP,但我仍然可以使用该表单登录。
[sshd]
enabled = true
filter = sshd
maxretry = 3
action = iptables[name=SSH, port=xxxxx, protocol=tcp]
telegram
port = 23561
bantime = -1
findtime = 30m
logpath = %(sshd_log)s
backend = %(sshd_backend)s
[nginx-auth]
enabled = true
filter = nginx-auth
action = iptables-multiport[name=NoAuthFailures, port="http,https"]
logpath = /var/log/nginx*/*error*.log
bantime = -1
maxretry = 6
[nginx-login]
enabled = true
filter = nginx-login
action = iptables-multiport[name=NoLoginFailures, port="http,https"]
telegram
logpath = /var/log/nginx*/*access*.log
bantime = -1
maxretry = 6
[nginx-badbots]
enabled = true
filter = apache-badbots
action = iptables-multiport[name=BadBots, port="http,https"]
telegram
logpath = /var/log/nginx*/*access*.log
bantime = -1
maxretry = 1
[nginx-noscript]
enabled = true
action = iptables-multiport[name=NoScript, port="http,https"]
telegram
filter = nginx-noscript
logpath = /var/log/nginx*/*access*.log
maxretry = 6
bantime = -1
[nginx-proxy]
enabled = true
action = iptables-multiport[name=NoProxy, port="http,https"]
telegram
filter = nginx-proxy
logpath = /var/log/nginx*/*access*.log
maxretry = 0
bantime = -1
我的过滤器取自:https://snippets.aktagon.com/snippets/554-how-to-secure-an-nginx-server-with-fail2ban