Blocking malicious scans with fail2ban under Nginx on Ubuntu or Debian

Create nginx-cc.conf under /etc/fail2ban/filter.d:

touch /etc/fail2ban/filter.d/nginx-cc.conf

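Put the following in it:

nginx-cc.conf
[Definition]
# fail2ban removes the timestamp before matching, so the date field is left as "[]".
failregex = ^<HOST> \- \S+ \[\] \".*\" (400|404|444) .+$
# Lines containing jpg or png are not counted as failures.
ignoreregex = .*(jpg|png)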

Then add the following lines to /etc/fail2ban/jail.d/defaults-debian.conf:

defaults-debian.conf
[nginx-botsearch]
enabled = true

[nginx-cc]
enabled = true
filter = nginx-cc
logpath = %(nginx_access_log)s
port = http,https

Unban an address (replace jailname and ipaddress with the jail name and the banned IP):

fail2ban-client set jailname unbanip ipaddress

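Validate the rule. fail2ban-regex takes a single log file as its first argument, so the glob must expand to exactly one file; otherwise name the log file explicitly:

fail2ban-regex /var/log/nginx/*.access.log /etc/fail2ban/filter.d/nginx-cc.conf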
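
To see why the failregex contains a literal `\[\]` and what the ignoreregex exempts, here is an added example (not part of the original post and not fail2ban's own code) that applies the two expressions from nginx-cc.conf to constructed log lines. The `HOST` and `DATE` patterns are simplified stand-ins, assumed here, for fail2ban's `<HOST>` tag and date detector.

```python
import re
from collections import Counter

# The page's two expressions, copied from nginx-cc.conf.
FAILREGEX = r'^<HOST> \- \S+ \[\] \".*\" (400|404|444) .+$'
IGNOREREGEX = r'.*(jpg|png)'

# Assumptions: simplified stand-ins for fail2ban's <HOST> tag (IPv4 only)
# and for its date detector (nginx "combined" timestamp only).
HOST = r'(?P<host>\d{1,3}(?:\.\d{1,3}){3})'
DATE = re.compile(r'\d{2}/[A-Z][a-z]{2}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4}')
FAIL_RE = re.compile(FAILREGEX.replace('<HOST>', HOST))
IGNORE_RE = re.compile(IGNOREREGEX)

def classify(line):
    """Return (verdict, host) for one access-log line."""
    # fail2ban cuts the timestamp out before matching, leaving "[]".
    stripped = DATE.sub('', line, count=1)
    # A line that matches ignoreregex is never counted.
    if IGNORE_RE.search(stripped):
        return ('ignored', None)
    m = FAIL_RE.search(stripped)
    return ('failure', m.group('host')) if m else ('no-match', None)

def count_failures(lines):
    """Failures per host, the figure a jail compares with its retry limit."""
    return Counter(h for v, h in map(classify, lines) if v == 'failure')

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /wp-login.php HTTP/1.1" 404 153 "-" "curl/8.0"',
    '203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /.env HTTP/1.1" 444 0 "-" "-"',
    '198.51.100.4 - - [10/Oct/2023:13:55:40 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Oct/2023:13:55:41 +0000] "GET /img/logo.png HTTP/1.1" 404 153 "-" "Mozilla/5.0"',
    # ignoreregex is unanchored: "png" in the referer also exempts the line.
    '192.0.2.9 - - [10/Oct/2023:13:55:42 +0000] "GET /admin HTTP/1.1" 404 153 "http://example.test/a.png" "Mozilla/5.0"',
]

if __name__ == '__main__':
    for line in SAMPLE:
        print(classify(line), line[:50])
    print(dict(count_failures(SAMPLE)))
```

The last sample line shows that the ignoreregex is matched against the whole line, so anchoring it to the request path would narrow the exemption to actual image requests.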