Что я делаю не так?
root@mail:~# cat /etc/fail2ban/filter.d/chinabots.conf | head
[Definition]
failregex = <HOST> .*GET /webdav/
<HOST> .*GET /xmlrpc.php
<HOST> .*GET /Administrator/FCKeditor/fckeditor.js
<HOST> .*GET /Administrator/fckeditor/fckeditor.js
<HOST> .*GET /CFIDE/administrator/
<HOST> .*GET /FCKEditorV2/fckeditor.js
<HOST> .*GET /FCKeditor/fckeditor.js
<HOST> .*GET /Fckeditor/fckeditor.js
<HOST> .*GET /Fckeditornew/fckeditor.js
root@mail:~# cat /etc/fail2ban/filter.d/testproxy.conf
[Definition]
failregex = <HOST> .*CONNECT
root@mail:~# cat /etc/fail2ban/jail.d/web.local
[nginx-http-auth]
enabled = true
filter = nginx-http-auth
port = http,https
logpath = /var/log/nginx/error.log
enabled = true
maxretry = 3
bantime = 86400
[chinabots]
enabled = true
filter = chinabots
port = http,https
logpath = /var/log/nginx/access.log
enabled = true
maxretry = 1
bantime = 100500
[testproxy]
enabled = true
filter = testproxy
port = http,https
logpath = /var/log/nginx/access.log
enabled = true
maxretry = 1
bantime = 200500
пампампам
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
пампарарарам
-A INPUT -j DROP
-A fail2ban-chinabots -j RETURN
-A fail2ban-dovecot -s 176.59.85.4/32 -j DROP
-A fail2ban-dovecot -j RETURN
-A fail2ban-nginx-http-auth -j RETURN
-A fail2ban-postfix -j RETURN
-A fail2ban-roundcube -j RETURN
-A fail2ban-testproxy -s 104.148.71.26/32 -j DROP
-A fail2ban-testproxy -s 104.148.71.34/32 -j DROP
-A fail2ban-testproxy -j RETURN
root@mail:~# fail2ban-client status testproxy
Status for the jail: testproxy
|- filter
| |- File list: /var/log/nginx/access.log
| |- Currently failed: 0
| `- Total failed: 2
`- action
|- Currently banned: 2
| `- IP list: 104.148.71.34 104.148.71.26
`- Total banned: 2
http {
...
limit_req_zone $binary_remote_addr zone=reqlimit:10m rate=30r/s;
...
}
server {
...
location / {
...
limit_req zone=reqlimit burst=10 nodelay;
}
}
[Definition]
failregex = limiting requests, excess: .* by zone .*, client: <HOST>
ignoreregex =
[nginx-req-limit]
enabled = true
port = http,https
filter = nginx-req-limit
logpath = /var/www/*/*/logs/error.log # Здесь укажите свой путь к логам виртуального хоста
findtime = 600
maxretry = 10
bantime = 7200
location / {
rewrite ^([^.\?]*[^/])$ $1/ permanent;
try_files $uri @clean_url;
}
rewrite ^([^.\?]*[^/])$ $1/ permanent;